last executing test programs:

9.036071813s ago: executing program 1 (id=1879):
r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x244, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2, 0x0, {0x9}}}]}}]}}, 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x80)
close_range(r0, 0xffffffffffffffff, 0x0)

6.126009303s ago: executing program 1 (id=1898):
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f00000000c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000080)=ANY=[], 0x1, 0xa08, &(0x7f0000008280)="$eJzs3c1vXOW9B/DvGduJMSgJkMvlRkAm4SYY8HVs55LciMW9iT1JzPXLle1IRHdBKHGqKG5pSSsBqtQgVV0VtVKrLtod6qorJDZlU7Frd+2qi0oV/wLqKlIruToz43hsjz2O69gmfD7WzJyX33me33l9NOOZ84Qvl8WDK8YWF+uPLY5f+fUOZMwedmHs848+/rB8fHAn+9KVV4rfJL1Jqkl3kqeTntGxmenJDgXdSq4l+SwpkuxP43VTrqX4cR5bHv8sxS/Lete1b7Ml08kiX2m7ffwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBeVIyODQ0NF/syPnXl9WpDUl1jdGxmusji4to5S8s0fFrv9bv4tGO9SVE+0tu71NX304eXZz+VpHo8zzTGnql3SJ7evP/oU4defbK7srT8etn8U/Zvvtjb771/682Fhfl3Hkgie9+l2tT47PT45PlLter47HT13JkzQ6cuX5ytXhyfqM1enZ2rTVZHZ2rn56Znqv2jL1aHz507Xa0NXp2+MnVpbHCitjTx7H+MDA2dqb42+H+18zOz01OnXhucHb08PjExPnWpHlPOLmPOlgfi/47PVedq5yer1Rs3F+ZPr8qpq350tUwog4Y7rUkZNNIpaGRoZGR4eGRk+INm79n3Jpx55dwrZ4eGuodWyci+VREP6KBlb3lk/d28/Rdx2KJKo/1PJjKeqVzJ69mXapu/0YxlJtP525lysbXzm5ba/xOnahvW29r+N1v57pbZR8qn43muOdq7TvvfNtOd/Lud9/J+buXNLGQh83ln1zPa2b9LqWUq45nNdMYzmfP1KdXmlGrO5UzOZChv5HKOZjbVXMx4JlLLbK5mNnOpZbJ+dM2klvOZy3RmUk1/RvNiqhnOuZzL6VRTy2CuZjpXMpVLGcv5eik3crO+3U9vkOO9oOHNBI1sELSmud9E+78yojwpdrQdYs/Z9ms4bNVis/3f1zm0f3QnEgIAAAC23b/9PgcOP/G7vyRFnq1/Ln9xfKI2tNtpAQAAANuo/nW9Z8qXnnLo2RTe/wMAAMDDpqj/xq5I0pejjaGlX0L5EAAAAAAeEvX//z+X4ujyBO//AQAA4CHT+R77HSOKgaXb/1avN16vNyMaY0XfxfGJ2uDo9MSrwzlZv8tA/ZcGa0rrSoqe+s8PXsqxRtSxvsZr33KJZZ29ZdTw4KvDeSnHmyvS/3z58nx/m8iRRuQLjcgXWiO7siLydBkJAA+74xu0x5tt/1/KQCNi4Ei9ye8+0qYNHtKyAsBecTy3m0PNLs3atP/NXnieW6/9/88N3v+XEU/kxtHGVwoG81bezkKuZyDNbxwcbVfqUm8Eja8hDHT4NKCv+ZWFP56tZGDN5wG999a1NXY+Ixlo+4lAS7lFeldsrK5t3vgAsEuOb9gOb679H+jw/n+5zd2/S2sJALS614N924FKM2qjmM4Du7yKAMAqWmkAAAAAAAAAAAAAAAAAAAAAAAAAAADYfpu6gf8fTiYLC/PJ1u7/v7WB3vvJcOOBSjaI+fvOrM7ODHQl2a3a/zv3vVS5j/fKpjOwcmCXL0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsiCLpaje9kuxPMpTk1M5n9eDc2e0Etkt1a4sVd3M37+bAdqcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBV17z/fyWN10cbk9JdSU4kuZbk/3c7x+10d7cT2DXfqD+33P+/kvRksUh3Y7en6Bkdm5meLHd/sb+c//lHH39YPjqXvbZXhbKAsoYVnUs0a2iZ0rNyqcfrS/WNzd++9Z23v1Udu1A/MC/MXZwYm7w08z/LgU8VnzS6QKgWyxOX8v3eid/+pKXQfc3KPynXtL3V9V6s1zu2tt5/bbf0OvVuws2F+ZGyprna63Pf/ebNd1tmPZFjyfP9Sf/Kmr5ePtap6djq7blS8UXxw+JAfp5r9f1fbo1isSh30cH6+j9y4+bC/OBbby9cv5fT91fkdChHk1xPejef09EU6+VTP+oqPWWtQ/Wg8ulwh/I21FLi8Drb9fH6YdN3X+tQXX8d6jps92ZGp9tm9NNvP5mT972nT3aosa3ii+LPxeX8KT9o6f+jUu7/E2l7drYpoh7ZcqS0zltxelUakfU1H2md8cbqMtc9K+95pGMEm/WjfC3/dW//V1qu/819VTYLD/561FJj+/Miuf/z4lcH17Qoy+ot0uFVLVLz6rPeMs08Dzei1snzX/Jy0n3kvq4oL3e4ojyo8/8XRX/+mjv6/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPa+IulqN72SnEhyKMnBcryaLK6OubOF+ip9xVbS3DZbyfnLp1h3RYu7uZt3c2CnMwIAAAAAAADgwbgw9vlHH39YPur/j+/Kv1eac6pJd5JDxc96Rsdmpic7FNSTXFv6l37v/eVwrXx6bHn8s3Ls6Q4L7e7XBwDgS+0fAQAA//9T8Gpj")
r0 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x80)
getdents(r0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000300)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file1\x00', 0x0, 0x1800, 0x0)
rename(&(0x7f0000000080)='./file0/file0\x00', 0x0)

5.789539482s ago: executing program 1 (id=1900):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x80240, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)
ioctl$TCFLSH(r0, 0x400455cb, 0x2)

5.297176511s ago: executing program 0 (id=1904):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000240)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x0, 0x300, 0x34}, @ipv4=@tcp={{0x5, 0x4, 0x0, 0x3c, 0x36, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0xfe, 0x0}, @local}, {{0x1c00, 0x22eb, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}, {"4adcda08f6e83e2aa00e133f88a8"}}}}, 0x44)

5.069129514s ago: executing program 0 (id=1906):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201000000000010d804dd000000000000010902240001000000e9090400000103000000092105000001220500090581030002"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000008000000080482"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_ep_write(r0, 0x81, 0x3, &(0x7f0000000080)="911235")

3.60381116s ago: executing program 1 (id=1917):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sm3)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
sendto$inet6(r1, &(0x7f0000000100)="58ab", 0x2, 0x84, 0x0, 0x0)

3.244289161s ago: executing program 1 (id=1918):
syz_mount_image$jfs(&(0x7f0000000380), &(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2208088, &(0x7f0000002440)=ANY=[@ANYBLOB="009c1b06223d15055c6d39aecad6836294e3e1fc38b80cd5eb20b39dc7dceb316fa1203f802b4368850fdef916202a989ea54a4e800c324c19bad386d9a72fc1de2fa7f100eae8a434158d0ed0d6a9061d60971bcf895342571bae0ea58240ebdd0f6f3dd42fa0f9754224a9c2045d2e098e01000000943549e2c2e191b7da91b8645dfdb324ceaf445cdc974884e2d5ac6dbf8b92da3a8a65176db66ca798dce71880c5e6837b5a99b6696d5003a06f62bbfb0b9ba0a6ffbfc2dd37662e077430379386d8e3abf802401b0e8382824a68cf51cde62ac99470edf8c757396564c8079d89017df3182005ec9fe433b122f1c02ca72eb68e41fc7ff69975649149ff4be64bd665e56a5fe9ef4d6ee02ff30ad838a9744100d520765c83c0178534e09d2f578bd10d3bfc68d1e75d6965613448d1045b6a0298d0804f82bc984e271c346d1e30886f81feb02b8320d47dc752b2dd23b4d8e20f2bda7ff84c57d63da96f044f8daaac7cb7132ef6", @ANYRES8=0x0, @ANYRES8, @ANYRESOCT=0x0, @ANYRES16], 0x1, 0x5e97, &(0x7f0000005e00)="$eJzs3UuPFNfZB/CnL9Nz4TWMLL2WhbIYY+dCMDBcDLnb3iRSVpEiNlmBxmMLBScRkCi2UBhrFvkGUbJIlOyzyifIHj6EF1kGCZKNV6moZs6BmkoPzQDT1TPn95OaqqdOVfcp/n2druoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED88Ps/PteLiKu/SguWI/4vBhH9iMW6XomIxZXlvP4wIl6PreZ4rV59PqLefuufYxEXI+L+0YiHj+6s1YvPP2M//n3k/4/9868/OP37v/3u3sk/nnq73f6n9X/c+8nddFsAAADAnlRVVfXSx/zj6fN9v+tOAQBTkV//qyQvV6vVarVaffjqpmq8u80iIjaa29TvGe6OuzIAYHZtxBddd4EOyb9ow4g40nUngJnmuPvD6eGjO2u9lG+v+Xqwst2ejwXZkf9G7/H5HbtNJ2kfYzKt+9dmDOLVXfqzOKU+zJKcf7+d/9Xt9lFab7/zn5bd8h9tn/pUnJz/oJ1/y+HJvz82/1Ll/Id7yn8gfwAAAAAAmGH57//LU/v+t7fjerP5l7M7Ez3t+9+VKfUBAAAAAAAAAF62Fx3/7zHj/wEAAMDMqj+r1/589Mmy3T5j18uv9CJeaa0PFCadLLPUdT8AAAAAAAAAAAAAoCTD7WN4r/Qi5iLilaWlqqrqS1O73qsX3f6gK33/oWRdP8kDAMC2+0db5/L3IhYi4kr6rb+5paWlqlpYXKqWqsX5/H52NL9QLTY+1+ZpvWx+9AxviIejqr6yhcZ2TZM+L09qb19ffVujavAMHZuODgMHgIjYfjV66BXpkKmqY9H1uxwOBo//w8fjn2fR9f0UAAAA2H9VVVW99HPex9N3/v2uOwUATEV+/W9/L6BWq9Vqtfrw1U3VeHebRURsNLep3zPcHXdlAMDs2ogvuu4CHZJ/0YYR8XrXnQBmWq/rDrAvHj66s9ZL+faarwdpfPd8LMiO/Dd6W9vl7cdNJ2kfYzKt+9dmDOLVXfrz2pT6MEty/v12/le320dpvf3Of1p2y7/ez+UO+tO1nP+gnX/L4cm/Pzb/UuX8h3vKfyB/AAAAAACYYfnv/8u+/827DAAAAAAAAAAHzsNHd9byea/5+/8vjVnP+Z+HU86/J/8i5fz7rfy/1lpv0Jh/8P6T/P/16M7aj/7w+fE8fdb85/NML92zeuke0Uu31Bum6XPv2vy4hZtzg1F9S3O9/mCYjvmp5j6M63Ej1mN1x7r99P/xpP3cjva6p3Pprrzdfn5H+3C7vbH9hR3tc+l3B6rF3H4m1uLncSM+2Gqv2+Yn7P/ChPZqQnvOf+DxX6Sc/7BxqfNfSu291rT24LP+/zzum9Nxt/Peb+/dX93/3ZloMwaP962p3r8THfRn6//kyCh+eWv95plfX7t9++a5SJMdS89HmrxkOf+5dHn8/P/mdnt+3m8+Xh98Ntpz/rNiM4a75v9mY77e35NT7lsXcv6jdMn5f5Daxz/+D3L+uz/+T3XQHwAAAAAAAAAAAAAAAHiaqqq2ThF9LyIupfN/ujo3EwCYrvz6XyV5uVqtVqvV6sNXN1XjvdssIuLvzW3q9wy/GXdlAMAs+09EfN51J+iM/AuWf++vnr7VdWeAqbr1yac/vXbjxvrNW133BAAAAAAAAAB4Xnn8z5XG+M9vRcRya70d47++HysvOv7nMM88HmD0+Qf63ovN/mjQbww3/kY8ffzvE/H08b+HE25vbkL7aEL72EHMGxYmtI890aMh5/9GY7zzOv/jreHXSxj/tT3mfQly/ica9+c6/6+21mvmX/3lIOff35H/2dsf/+LsrU8+PX3942sfrX+0/rOLq6uXLlx+Z/Xy6tkPr99YT/922OP9lfPPY187DrQsOf+cufzLkvP/cqrlX5ac/1dSLf+y5Pzz+z35lyXnnz/7yL8sOf+TqZZ/WXL+X0+1/MuS8z+VavmXJef/dqrlX5ac/+lUy78sOf8zqZZ/WXL+Z1Mt/7Lk/PM3XPIvS84/H9kg/7Lk/M+nWv5lyflfSLX8y5Lzv5hq+Zcl5/9OquVflpz/pVTLvyw5/8upln9Zcv7fSLX8y5Lz/2aq5V+WnP+3Ui3/suT8v51q+Zcl5/+dVMu/LDn/76Za/mXJ+X8v1fIvS87/3VTLvyxPfv/fjBkzZvJM189MAAAAAAAAAAAAAEDbNA4n7nofAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+C87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsLevcbIdZZ3AD97c9YOly2E4IYAG8cEkyzZ9T2mNZhbSRPSUiC0pRfj2mtj8K1em1sjxSi0RGrURiof4EO5Fal8qYgAVVSlyJVagQQS+UQrtQ2pAlVEoTW0H6AibDUz7/PuzHivZzb2zDm/nxQ/9uyZmXfOvDO7/3X+awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoN1Nr5398FBRFI3/mr9MFMUzGr/fODnR+OPWV1ztFQIAAAC9eqr566Vn5wsOrOJKbcd89UXf/OL8/Px88dh3X/b8j8zP5w9MFsXENUXR/Fh48p6/3dp+TPJAMT403Pbn4RXufmSFj4+u8PGxFT6+YYWPX7PCx8dX+PhlJ+AyG1vfj2ne2Nbmbydap7S4rhhrfmzrItd6YOia4eH4Xk7TUPM682NHi+PFiWK2mOk4vnXsUPP4L9/UuK87i7iv4bb7urGxQ3543+FYw1A6x1s77mvhNsMPXl1M/uiH9x1+08cev2GxueJp6Li91jq3bWms80PpktZah4pr8jmJdQ63rfPGRZ6TkY51DjWv1/h99zovrXKdIwvLvKK6n/PxYrj5+0eb52m0/dt6+TzdmC778c1FUVxYWHb3MZfdVzFcbOq4ZHjh+Rlv7cjGbTS20nOK0TXt05tWsU8b88jWzn3a/ZqI5/+mdL3RJdbQ/jT94IMbLnve17pPQ+NRL/Va6d6D6/1a6Zc9GPvi0eaDfnDRPbg1Pf77bll6Dy66dxbZg/lxt+3BLSvtweENI8015ydhqHmdhT24veP4keY9DTXnk7csvwenz508Mz33/g+8/PjJQ8dmj82e2jUzs2fn3t0ze2emjx4/MZt+LXm2+9+mYji/BrakcxevgZd2Hdu+Vec/tX6vw/FlXocTXceu9+twtPvBDV2ZF+Tle7r12nhr46SPPzRcLPEaaz4/t/b+OsyPu+11ONr2Olz0c8oir8PRVbwOG8ecuXV1X7OMtv232Bqers8FE217sPvrke49uN5fj/TLHhxP++Jfb136c8GNab0PTq3165GRy/ZgfrjpvadxSf56f/yO5lhsX97Q+MC1G4rzc7Nnb3/foXPnzm4v0rgintu2V7r366a2x1Rctl+H17xfD3z469+4YZHLJ9K5Gn9545fxJZ+rxjG7bl/+uWp+dlv8fHZcuqNIY51d6fO52GfzxvnMWXKZ89k45kPTvX8tnnNp2/vv2BLvv5H7f9a8n635ph4YGRttvX5H8tkZ63g/7nyqRpvvXUPN+740vbr347H035V+P75umffjzV3Hrvf78Vj3g4v346GVvtvRm+7nczztkxMzy78fN47ZvGOte3J02ffjm9McSuf/ZSkp5FzUtneW2rf5vkZHx9LjGo176NynOzuOH0vZrHFfn91Rbp9uu7l1WyP50S24Uvt0suvY9d6n+f1qqX06tNJ338rpfj7H0764bufy+7RxzMVdvb93bozftr13blhpD46NbGiseSxvwtb7/fzG2IO3F4eL08WJ4kjzoxua+2moeV9Tu1e3Bzek/670e+XmZfbgtq5j13sP5s9jS+29odHLH/w66H4+x9O++Oju5fdg45jX7V3fr123pUvyMW1fu3Z/f22p73nd0HWans7veTXW+Q97l//ebOOYE3esNWcuf55uS5dcu8h56n79LvWaOlJcmfO0Oa3z+3csfZ4a62kc85F9q9xPB4qi+MLdB5rf701/v/L589/6YsffuxxofexL+xZu67KvOhb7e58v3H3g4j/f9ZO1PEYA+tvPmr9u3dT6XNf2N1Or+ft/AAAAYCBE7h9OM5P/AQAAoDIi98f/FZ7J/wAAAFAZkftH08xqkv8f/Lfnvfun9xe5mT+fxMfjNJx5onVcdFw/mf48Ob+gcflrPvOPX3/7/au77+GiKH56178sevyDT8S6Wh5O65z8dufll9n87VXd/zvuXTiuvQM4kW4/Hk/3Nvjyfz/RvN7kvta8eNfF5nzzhQcfaHz80r7Wn6M7+eT/tI7781TmPXD07zuuv+2x1v1tfWz5xxXX+9wbN979grct3F9cb2jLs5oP46OvbN1u/Nybh1/bOv5SOm6p9f/dH3/2c43j3/eSxdd///Di638y3e530vzJU63L289p489xvT9M64/7i+vd/umvLLr+R97QOv6R9Lx8Ms3u9b/6T1/4VPv5ivXH/Rx4vHW9uP+Zv/6P5vXi9uL2u9c//qonOs5H9+1f/Hzrdva/539H2o+Py+N+8r57vPN5btxO+34Ln/2jix3nufj31vX+pmv9cXtnHl98/bd1rfPM9k3N6y9VGf/47HcWfbyxngN/9WjH43nke+n8veae5u2O/zjtx/Tx/3u4dXvdPy3h0e91vp/E8Z+caL0u4/amu9b/cNf6L7y4ce5WXv+dP2qt/5FXfbXz+fjP1joO/KA1V1r/sU98s+P6n/pW6/k4+96pU6fnzh+PDvVE+tk/Z77bur1rxjduuvYZz3zWs9N7ZfefD54+987Zs5MzkzNFMTmAPxLv6V7/p9P8r9a4sN63f19RFO9t+7x26+tb+6940aU/efGdn3lnHPdPr2td/tDdrc9bL03HPZwuv5Ce77idj3+s9fmw1/XH/Sw183pX6fzXPrxnVQemx//Rm65vvsqGLrYu7n6/Kite548/r/N1/9hbW/NL6bzOp5/MvOX6rzWP677/+NkID72l9fqOr+Ti+r2u/y/T833Pd1q3H7eb15u+jvnK5s73x3h+vnR/108amGj9FI8L6f2juND6eBwVX1M9dOn6tSxzSXPvn5s+cfzU+fdNn5udOzc99/4PHDx5+vypcwebP5vz4LtWuv7C63tT8/V9ZHbPrqL5aj/dGk+zq73+M/cePrJ35pYjs0cPnT967t4zs2ePHZ6bOzx7ZO6WQ0ePzr53pesfP7J/+459O/fumDp2/Mj+O/bt27lv6vip041ltBa1gj0z7546dfZg8ypz+3ft2757966ZqZOnj8zu3zszM3V+pes3PzdNNa79nqmzsycOnTt+cnZq7vgHZvdv37dnz44Vf7rfyTNH5yanz54/NX1+bvbsdOuxTJ5rXtz43LfS9aFh7hMbF/08NZS+et9+257881kbPvPBJW+qdUjXDxD9fvpZNN/4iz/bvZo/R+4fSzOrSf4HAACAOojcvyHNTP4HAACAyojcf02amfwPAAAAlRG5fzzNrCb5X/9f/1//X/8/6P/r/5eh/6//X4b+v/7/IKxf/1//n971W/8/cv/Goqhl/gcAAIA6iNy/Kc1M/gcAAIDKiNx/bZqZ/A8AAACVEbn/GWlmNcn/+v/6//r/+v9B/1//vwz9f/3/MvT/9f8HYf36//r/9K7f+v+R+5+ZZlaT/A8AAAB1ELn/WWlm8j8AAABURuT+Z6eZyf8AAABQGZH7J9LMapL/9f/1//X/9f+D/r/+fxn6//r/Zej/6/8Pwvr1//X/6V2/9f8j9/9cmllN8j8AAADUQeT+56SZyf8AAABQGZH7n5tmJv8DAABAZUTuvy7NrCb5X/9f/79/+v8LtVj9f/1//f/Bof+v/1+G/r/+/yCsX/9f/5/e9Vv/P3L/89LMapL/AQAAoA4i91+fZib/AwAAQGVE7n9+mpn8DwAAAJURuX9zmllN8r/+v/5///T//fv/Qf9f/3+Q6P/r/5eh/6//Pwjr1//X/6d3/db/j9z/82lmNcn/AAAAUAeR+29IM5P/AQAAoDIi978gzUz+BwAAgMqI3H9jmllN8r/+v/6//r/+f9D/1/8vQ/9f/78M/X/9/0FYv/6//j+967f+f+T+F6aZ1ST/AwAAQB1E7n9Rmpn8DwAAAJURuf/FaWbyPwAAAFRG5P7JNLOa5H/9f/1//X/9/6D/r/9fhv6//n8Z+v/6/4Owfv1//X9612/9/8j9N6WZ1ST/AwAAQB1E7t+SZib/AwAAQGVE7r85zUz+BwAAgMqI3L81zawm+V//X/9f/1//P+j/6/+Xof+v/1+G/r/+/yCsX/9f/5/e9Vv/P3L/S9LMapL/AQAAoA4i99+SZib/AwAAQGVE7n9pmpn8DwAAAJURuX9bmllN8r/+v/6//r/+f9D/1/8vQ/9f/78M/X/9/0FYv/6//j+967f+f+T+l6WZ1ST/AwAAQB1E7r81zUz+BwAAgMqI3H9bmpn8DwAAAJURuX8qzawm+V//X/9f/1//P+j/6/+Xof+v/1+G/r/+/yCsX/9f/5/e9Vv/P3L/y9PMapL/AQAAoA4i99+eZib/AwAAQGVE7p9OM5P/AQAAoDIi98+kmdUk/+v/6//r/+v/B/1//f8y9P/1/8vQ/9f/H4T16//r/9O7fuv/R+7fnmZWk/wPAAAAdRC5f0eamfwPAAAAlRG5f2eamfwPAAAAlRG5f1eaWU3yv/6//r/+v/5/0P/X/y9D/1//vwz9f/3/QVi//r/+P73rt/5/5P7daWY1yf8AAABQB5H796SZyf8AAABQGZH796aZyf8AAABQGZH770gzq0n+1//X/9f/1/8P+v/6/2Xo/+v/l6H/r/8/COu/Iv3/B5b+MQD6/1RBv/X/I/fvSzOrSf4HAACAOojc/4o0M/kfAAAAKiNy/y+kmcn/AAAAUBmR+38xzawm+V//X/9f/1//P+j/6/+Xof+v/1+G/r/+/yCs37//r/9P7/qt/x+5f3+aWU3yPwAAANRB5P5XppnJ/wAAAFAZkftflWYm/wMAAEBlRO4/kGZWk/yv/6//r/+v/x/0/wek//8HqzjmCtL/1/8vQ/9f/38Q1q//r/9P7/qt/x+5/9VpZjXJ/wAAAFAHkftfk2Ym/wMAAEBlRO5/bZqZ/A8AAACVEbn/dWlmNcn/+v/6//r/+v9B/39A+v99Rv9f/78M/X/9/0FYv/6//j+967f+f+T+16eZ1ST/AwAAQB1E7v+lNDP5HwAAACojcv8b0szkfwAAAKiMyP13ppnVJP/r/+v/P139/w3pNvT/2/ad/n+T/r/+/1ro/+v/F2vp/w+lV7D+f9PV7s8P+vr1//X/6V2/9f8j9/9ymllN8j8AAADUQeT+u9LM5H8AAACojMj9d6eZyf8AAABQGZH735hmVpP83/f9/3SH+v9L9v+f2Zj92P8P+v9t+07/v0n/X/9/LfT/9f8L//5/aVe7Pz/o69f/1/+nd/3W/4/cf0+aWU3yPwAAANRB5P5fSTNrz/9L/WUZAAAAMBAi9/9qmpm//wcAAIDKiNz/pjSzmuT/vu//J/r/g/fv/wf9/7Z9p//fpP+v/78W+v/6/4X+f2lXuz8/6OvX/9f/p3f91v+P3P9raWY1yf8AAABQB5H735xmJv8DAABAZUTuf0uamfwPAAAAlRG5/61pZjXJ//r/+v/6//r/Qf9f/78M/X/9/zL0//X/B2H9+v/6//Su3/r/kfvvTTOrSf4HAACAOojc/7Y0M/kfAAAAKiNy/6+nmcn/AAAAUBmR+38jzawm+V//X/9f/1//P+j/6/+Xof+v/1+G/r/+/yCsX/9f/5/e9Vv/P3L/b6aZ1ST/AwAAQB1E7n97mpn8DwAAAJURuf+30szkfwAAAKiMyP2/nWZWk/yv/6//r/+v/x/0//X/y9D/1/8vQ/9f/38Q1q//r/9P7/qt/x+5/3fSzGqS/wEAAKAOIvf/bpqZ/A8AAACVEbn/YJqZ/A8AAACVEbn/HWlmNcn/+v/6//r/+v9B/1//vwz9f/3/MvT/9f8HYf36//r/9K7f+v+R+w+lmdUk/wMAAEAdRO7/vTQz+R8AAAAqI3L/4TQz+R8AAAAqI3L/kTSzmuR//X/9f/1//f+g/6//X4b+v/5/Gfr/+v9huSfkaq9/vfr/I4X+P/XVb/3/yP2zaWY1yf8AAABQB5H7j6aZyf8AAABQGZH7j6WZyf8AAABQGZH735lmVpP8r/+v/6//r/8f9P/1/8vQ/9f/L0P/X/9/ENbv3//X/6d3/db/j9x/PM2sJvkfAAAA6iBy/7vSzOR/AAAAqIzI/e9OM5P/AQAAoDIi959IM6tJ/tf/1//X/9f/D/r/+v9l6P/r/5eh/6//Pwjr1//X/6d3/db/j9x/Ms2sJvkfAAAA6iBy/6k0M/kfAAAAKiNy/+k0M/kfAAAAKiNy/5k0s5rkf/1//X/9f/3/oP+v/1+G/r/+fxn6//r/g7B+/X/9f3rXb/3/yP2/n2ZWk/wPAAAAdRC5/2yamfwPAAAAlRG5fy7NTP4HAACAyojcfy7NrCb5X/9f/1//X/8/6P/r/5eh////7N3Vi2DZEcfxJiTQT/lv4+7u7u6+cXd3d3d3z0NIuqpCspuEPXdm99yqz+eloBeWw9AP82P4cvX/K/T/+v8zvF//r//nuN36/9z9d4hbhux/AAAAmCB3/x3jFvsfAAAA2sjdf6e4xf4HAACANnL33zluGbL/9f/6f/2//j/p//X/K/T/+v8V+n/9/xner//X/3Pcbv1/7v67xC1D9j8AAABMkLv/rnGL/Q8AAABt5O6/W9xi/wMAAEAbufvvHrcM2f/6f/2//l//n/T/+v8V+n/9/wr9v/7/DO/X/+v/OW63/j93/z3iliH7HwAAACbI3X/PuMX+BwAAgDZy998rbrH/AQAAoI3c/feOW4bsf/2//l//r/9P+n/9/wr9v/5/hf5f/3+G9+v/9f8ct1v/n7v/PnHLkP0PAAAAE+Tuv2/cYv8DAABAG7n77xe32P8AAADQRu7++8ctQ/a//l//r//X/yf9v/5/hf5f/79C/6//P8P79f/6f47brf/P3f+AuGXI/gcAAIAJcvc/MG6x/wEAAKCN3P0PilvsfwAAAGgjd/+D45Yh+1//r//X/+v/k/5f/79C/6//X6H/1/+f4f36f/0/x+3W/+fuf0jcMmT/AwAAwAS5+x8at9j/AAAA0Ebu/ofFLfY/AAAAtJG7/+Fxy5D9r//X/+v/9f9J/6//X6H/1/+v0P/r/8/wfv2//p/jduv/c/c/Im4Zsv8BAABggtz9j4xb7H8AAABoI3f/o+KW/9z/l7fkqwAAAIBrKXf/o+OWIf/+r//X/+v/9f9J/6//X6H/1/+v0P/r/8/wfv2//p/jduv/c/c/Jm4Zsv8BAABggtz9j41b7H8AAABoI3f/4+IW+x8AAADayN3/+LhlyP7X/+v/9f/6/6T/1/+v0P/r/1fo//X/Z3i//l//z3G79f+5+58QtwzZ/wAAADBB7v4nxi32PwAAALSRu/9JcYv9DwAAAG3k7n9y3DJk/+v/9f/6f/1/0v/r/1fo//X/K/T/+v8zvF//r//nuN36/9z9T4lbhux/AAAAmCB3/1PjFvsfAAAA2sjd/7S4xf4HAACANnL3Pz1uGbL/9f/6f/2//j/p//X/K/T/+v8V+n/9/xner//X/3Pcbv1/7v5nxC1D9j8AAABMkLv/mXGL/Q8AAABt5O5/Vtxi/wMAAEAbufufHbcM2f/6f/2//l//n/T/+v8VDfv/q18B/b/+X/+v/9f/6/85bLf+P3f/c+KWIfsfAAAAJsjd/9y4xf4HAACANnL3Py9usf8BAACgjdz9z49bhux//b/+X/+v/0/6f/3/iob9v+//X1zr/v/yRj/R/+v/z/B+/b/+n+N26/9z978gbhmy/wEAAGCC3P0vjFvsfwAAAGgjd/+L4hb7HwAAANrI3f/iuGXI/tf/6//1//r/pP/X/6/Q/zft/29z4fv/+n/9v/5f/89hu/X/uftfErcM2f8AAAAwQe7+l8Yt9j8AAAC0kbv/ZXGL/Q8AAABt5O5/edwyZP/r//X/+n/9f9L/6/9X6P+b9v/X9Pv/N6b/1/+f4f36f/0/x+3W/+fuf0XcMmT/AwAAwGndjO2eu/+VcVf+HwAAAMDecve/Km6x/wEAAKCN3P2vjluG7H/9v/5/j/7/houber/+X/9/of/fnv5f/79C/6//P8P7r1P/n7+m+n9G2K3/z93/mrhlyP4HAACACXL33xC32P8AAADQRu7+18Yt9j8AAAC0kbv/dXHLkP2v/9f/79H/z/z+/6X+/9/+PPX/+v+bov/X/1/o/5fd2v382d/v+//6f47brf/P3f/6uGXI/gcAAIAJcve/IW6x/wEAAKCN3P1vjFvsfwAAAGgjd/+b4pYh+1//r//X//v+f9L/6/9X6P/1/yv0//r/M7xf/6//57jd+v/c/W+OW4bsfwAAAJggd/9b4hb7HwAAANrI3f/WuMX+BwAAgDZy978tbhmy//X/+n/9v/4/6f/1/yv0//r/Ffp//f8Z3q//1/9z3G79f+7+t8ctQ/Y/AAAATJC7/x1xi/0PAAAAbeTuf2fcYv8DAABAG7n73xW3DNn/+n/9v/5f/5/0//r/Ffp//f8K/b/+/wzv1//r/zlut/4/d/+745Yh+x8AAAAmyN3/nrjF/gcAAIA2cve/N26x/wEAAKCN3P3vi1uG7H/9v/5f/6//T/p//f8K/b/+f4X+X/9/hvfr//X/HLdb/5+7//1xy5D9DwAAABPk7v9A3GL/AwAAQBu5+z8Yt9j/AAAA0Ebu/g/FLUP2v/5f/6//1/8n/b/+f4X+X/+/Qv+v/z/D+/X/+n+O263/z93/4bhlyP4HAACACXL3fyRusf8BAACgjdz9H41b7H8AAABoI3f/x+KWIftf/6//1//r/5P+X/+/Qv+v/1+h/9f/n+H9+n/9P8ft1v/n7v943DJk/wMAAMAEufs/EbfY/wAAANBG7v5Pxi32PwAAALSRu/9T/7y3/dd/GLL/9f/6f/2//j/p//X/K/T/+v8V+n/9/xner//X/3Pcbv3/1e6/vPh03DJk/wMAAMAEufs/E7fY/wAAANBG7v7Pxi32PwAAALSRu/9zccuQ/a//1//r//X/Sf+v/1+h/9f/r9D/6//P8H79v/6f43br/3P3fz5uGbL/AQAAYILc/V+IW+x/AAAAaCN3/xfjFvsfAAAA2sjd/6W4Zcj+1//r/3v1/1cpnv7/iv7/iv7/+tL/6/9X6P/1/2d4v/5f/89xu/X/ufu/HLcM2f8AAAAwQe7+r8Qt9j8AAAC0kbv/q3GL/Q8AAABt5O7/WtwyZP/r//X/vfr/K/r/K/r/K/r/60v/r/9fof/X/5/h/fp//T/H7db/5+7/etwyZP8DAADABLn7vxG32P8AAADQRu7+b8Yt9j8AAAC0kbv/W3HLkP2v/9f/6//1/0n/r/9fof/X/6/Q/+v//5vbb/R+/b/+n+N26/9z9387bhmy/wEAAGCC3P3fiVvsfwAAAGgjd/934xb7HwAAANrI3f+9uGXI/tf/6//1//r/pP/X/6/Q/+v/V+j/9f9neL/+X//Pcbv1/7n7vx+3DNn/AAAAMEHu/h/ELfY/AAAAtJG7/4dxi/0PAAAAbeTu/1HcMmT/6//1//p//X/S/+v/V+j/9f8r9P/6/zO8X/+v/+e43fr/3P0/jluG7H8AAACYIHf/T+IW+x8AAADayN3/07jF/gcAAIA2cvf/LG4Zsv/1//p//b/+P+n/9f8r9P/6/xX6f/3/Gd6v/9f/c9z/6v/j7/y3aP+fu//nccuQ/Q8AAAAT5O7/Rdxi/wMAAEAbuft/GbfY/wAAANBG7v5fxS1D9r/+X/+v/9f/J/2//n+F/l//v0L/r/8/w/v1//p/jtvt+/+5+38dtwzZ/wAAADBB7v7fxC32PwAAALSRu/+3cYv9DwAAAG3k7v9d3DJk//+//v92cW/F/j+foP/X/+v/9f/6/w3p//X/K/T/+v8zvF//r//nuN36/9z9v49bhux/AAAAmCB3/x/iFvsfAAAA2sjd/8e4xf4HAACANnL3/yluGbL/ff9f/6//1/8n/b/+f4X+X/+/Ynz//48f6/+3f7/+X//Pcbv1/7n7/xy3DNn/AAAAMEHu/r/ELfY/AAAAtJG7/69xi/0PAAAAbeTu/1vcMmT/6//1//p//X/S/+v/V+j/9f8rxvf/vv9/ivfr//X/HLdb/5+7/+8BAAD//xKBZe0=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x28)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0xc0185879, &(0x7f00000000c0)={0x4, 0x9669, 0x2000, 0x4, 0x20000000, 0xa, 0x2401})
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)

2.866051193s ago: executing program 0 (id=1922):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000280)={0x0, 0x1, 0xb, 0x3, 0x0, 0x0, 0xfc, 0x0, 0x4f, 0xff, 0x5, 0x0, 0x8, 0x81}, 0xe)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000240)=0x10)
setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000040)={r1, 0x3ff}, 0x8)

2.088635638s ago: executing program 2 (id=1923):
mmap$IORING_OFF_CQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xd4f163e6ee09ede3, 0x4c033, 0xffffffffffffffff, 0x8000000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x109341, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
close_range(r1, r1, 0x0)
mprotect(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x1)

1.943876336s ago: executing program 0 (id=1926):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000024c0)={@val={0x0, 0x800}, @val={0x0, 0x0, 0x3}, @ipv4=@icmp={{0x9, 0x4, 0x1, 0x16, 0x2c, 0x65, 0x0, 0x4, 0x1, 0x0, @remote, @broadcast, {[@generic={0x94, 0xf, "f00c8e76d0966f9a2b2407c08a"}]}}, @address_reply={0x12, 0x0, 0x0, 0xffff}}}, 0xff04)

1.781433386s ago: executing program 3 (id=1927):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes256\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
recvmsg$can_raw(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000140)=""/103, 0x67}], 0x1}, 0x40010022)

1.626646255s ago: executing program 2 (id=1928):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xb, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}, [@printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, r1, 0x25, 0x0, @val=@kprobe_multi=@syms={0x1, 0x0, 0x0, 0x0, 0x8000000000000001}}, 0x30)
syz_emit_ethernet(0x7a, &(0x7f00000001c0)={@local, @empty, @void, {@ipv6={0x86dd, @gre_packet={0x1, 0x6, "d40040", 0x44, 0x2f, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x88be, 0x0, 0x1}, {0x1}, {}, {0x8, 0x88be, 0x3, {{0xc, 0x1, 0x8, 0x1, 0x1, 0x0, 0x4, 0x10}, 0x1, {0x7b40}}}, {0x8, 0x22eb, 0x2, {{0x3, 0x2, 0x2, 0x3, 0x0, 0x0, 0x1, 0x9}, 0x2, {0x3, 0xeb, 0x0, 0xd, 0x1, 0x1, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x3}}}}}}}, 0x0)

1.553837409s ago: executing program 1 (id=1929):
syz_mount_image$ocfs2(&(0x7f00000002c0), &(0x7f0000000140)='./file1\x00', 0x8c0, &(0x7f0000000500)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c6572726f72733d72656d6f756e742d726f2c61636c2c00a9b504852143b698d2e379891a0dde7f9adfca8cc85bf8e749e04e", @ANYRES16, @ANYRESOCT, @ANYRES16], 0x11, 0x445c, &(0x7f0000004a80)="$eJzs3c9vE9kdAPA3k1ASyo+EcqBSpVoqUqu2ihJOtEFqEgIhgZSKFlT1YpzEQFonRolT9YBEekPtqVIPVQ9oV9pbTij/APsn7GWP7BlpOexlpZXQemV7HDwTezFgh2X1+Rw89vvtfGee3xwmL05U7q5u5lY3c4X1XHn59ubZ3N/Lpa21YogPSNv+Dx1c/3TnNc+TsN37Numhaxcu/fHm2RA+Xvn0WbVarYaawdDWRMv7L7+4v9x6bIozdWrttm+tV/4SQji1b1w1AyGEPycDmk7SZpLjcAjhWAghCiHcvP/vW7kejebx0+L5/IvFh7uTZxZ2Hu12/u5RCP8v/fjXd9Y+/9nA5Ge/7FH3AAAAAAAAAAAAAAAAAAC85+auX7vxh/GJ8CQKgzvR/ud155Jjp+djqz3z005D/FdPvzAAAAAAAAAAAAAAAAAAAAB8B718/j8XnWzz/P9scpzqUL/6uw4Zh3s7Tvpj/vfXZi+OTyT7v0f78s8lSc+nB8Jom33fs/u/T2fqt9//PWl04O3H3xxfs9+REMVj1Qd7+SMhjsfGQvgw2fj9dHQkLpU3K7+6Xd5aX3n7/t936fg3NstPnQXJ/vndxn8m037/9///UcietbXPt/afyrSRjn/nC/Kjf0Zdxf9Cpt5BxJ83l47/YD1tuLXAVGMCqMX/P4Ovjv9spv1+xf94CCEX1caaS80AtTVMLb3TeoW0dPwP1dNSU2fyh+x0/X+Vif/FTPud4n+i/vqDHnyD9vP/dvaHiLbS8W/EYyhV4uX1Pxp3vv6bc8alTPvv4ve/Nv5tv/9dScc/uWkbTBWp/yW7nf/nMu33K/434mScx6PUGbATNdI7/b860tLxH9qXfy5q3KU9n467Wv9dztT/1vu/Hmje/zX7rd//tdyH/CJq3P/RXjr+wx3LdXv9z2fq9Xv+n6qv/3hT6fgfqael184j9ddu47+Qab9f8a+vSoaa8X85n3x9uJH+gfVfV9Lx/2EjMW4tsV1/ra//onTcq9Xqg+z6/0qm/Xex/quNfzvub6/fF+n4H+1Yrhb/T7r4/b+aqdf/+Icwbq3/xtLxP5bJnapWq4139et/6NXxX8y00O/4/7yfjQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8B2aS40iI4rHU5zgeGwvhQvL5dDgSLRVW8kul8vLfNkOYTdJz4WR0p1ReKpTyq+vllWK+UCqVl0O4mOSfCkPRZqlcya8V7l3aa2s4ulssbFSWioVKCGEuSf9JONZsa2m1sla4F0K4vJd3Ii5v3LtbWM+vrG78dnx8fDzM741hNCr+o1JcrzR6b+SGsLBXdyRqGVw9+8reWI5Gfy1vbawXSvX0qy11SuXlQqmlzmKS998wGlU2ttaXC5VivlS+0+zvXZpKjrPz1/90/erEvvxbUeM4c7DDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA1PZn8zf9CCIONT3EIYar5JmpX/vHT4vn8i8WHu5NnFnYe7T7rVA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Bt24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsEvHKBEDURiA34yF2nkMq5B0tgmKaGFE8AR6DA8Tj+IlvIOFha2FCGYGNO5Cmt3q+5oH+Xl5PyQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKxzeTfe37ZdRIqjr8OIl8fXt9/5dZnTMM+82D/YU0924+pmPL9ou/Ld07/8rDx67/NP+vnx9BAbZvU8/N1f/k+zeud4a69pWNe/9qt3TyLlJiL6kp+mnJtm3bsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+GYHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AsAAAAACDM3zqKvg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgVwAAAP//xmUngw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
lseek(r0, 0x100000000, 0x2)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x2000, 0x0)
sendfile(r0, r1, 0x0, 0x20fffe82)

1.500902312s ago: executing program 3 (id=1930):
socket$alg(0x26, 0x5, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0xac5)
syz_clone3(&(0x7f0000000900)={0x23800000, &(0x7f0000000040)=<r0=>0xffffffffffffffff, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58)
io_setup(0x8, &(0x7f0000000600)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x6, r0, 0x0}])

1.439745485s ago: executing program 0 (id=1931):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={<r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x3a6}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000200)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000000c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r0, 0x0, 0x0, 0x0, 0x20040000})
io_uring_enter(r1, 0x47f6, 0x80ffff, 0x0, 0x0, 0x0)

1.420325677s ago: executing program 2 (id=1932):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
dup3(r0, r1, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r1)
sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x28, r2, 0x1, 0xfffffffe, 0x25dfdbfb, {{}, {@val={0x8, 0x1, 0x1}, @void, @val={0xc, 0x99, {0x8, 0x4f}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x4000001}, 0xc800)

1.280484155s ago: executing program 3 (id=1933):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
r3 = gettid()
openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040))
userfaultfd(0x1)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f0000001880)={'wg0\x00', <r6=>0x0})
r7 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000fc0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000280)={0x40, r7, 0xa29, 0x0, 0x0, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r6}, @WGDEVICE_A_PRIVATE_KEY={0x24}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000000100000024000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d784308000100", @ANYRES32=r6], 0x40}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000180), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0)
r8 = openat(0xffffffffffffff9c, 0x0, 0x2, 0x96)
pwrite64(r8, &(0x7f0000000140)='2', 0x155c2, 0x8000c64)
timerfd_settime(r8, 0x1, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x3938700}}, &(0x7f0000000200))

1.267347366s ago: executing program 0 (id=1934):
r0 = syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100007e3dc410cd0621013ddd0102030109021b000100094000090485000189fe1f000905820220"], 0x0)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="6f76657272696465726f636b7065726d2c6d61703d61636f726e006e6f726f636b2c636865636b3d737472696374417569643d9721ef90623583ed5123b3070144fb280273f30b45c79e0d37beafbb1cd74b26cce6da72a7153f5e94fb5f50da5826553307e4f2596ae419d8d26f7849d735e450ebce2e270ef62960a97062a5180c249bf15c76f7d0759f3e1a1a219892b91c378ead2c553b96cc2c736f4e01d63472a5937001c45ae6c91c39e23b8b2ed5d090d82ad51ec6ecc232e5ddb6c35e0c6583de9967d5800446ae4e167f95b0d0524d227fc1fe38b1d9bed178be6fc06fc90f7b3efd9b706e398ca4079c627e9c75592780e9f4379e4f107ae964177c", @ANYRESHEX=0x0, @ANYBLOB=',map=normal,nocompress,session=0x0000000000000042,fsmagic=0x0000000000000001,mask=MAY_READ,\x00'], 0x4, 0x649, &(0x7f0000000e80)="$eJzs3V1v29Ydx/EfZdlWPCAYtqEIgjQ5TVYgwTJFkhsHRnYxjqJsdpIokPRgAwOKrLGLIHK6JRmw+KbwzR6A7g3srje72IsYsOu9i10OKLa7AbvhQFKULOvJjmW7Xb8fwxFF/nnOn+cYPGAkHgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMhy6pVK1VLTa29tm8mceuC3pmzPSlvUvWzh3sx6JSv5Vamka9mqa98bbH4n+ee2bmTvbqiUvJR08K13vv34u8VCvv+UhN6GTlvgqzcHz590u7sv55zIV4AKJwjacNte6Hste8M1Xuib9bW1yoPNRmgaXtMNd8LIbRkncAuRH5i7zj1TXV9fNW55x99qb9TtppuvfPTDWqWyZj5c7nX/gw/LobPpNZteeyONSTYnMY/M5z/PQly7Zczes+7u6qwkk6DqSYJqs4JqlVqtWq3VqmsP1x8+qlSKIysqx2gkYu5/tPiamd/JGzijQjL+/8OSmiqprS1ty4z9cVRXIF+tCdt78vH//Qfu1HqPjv/5KH9tsPm60vH/Zvbu5qTxf0IuRibdYdwWa8L6t/t5pTc60HM9UVdd7erlfMq9Nb8Mz/dnQypKnkL58tSSrQ25Mr01Ruta05oq+kibaiiUUUOemnIVakehIrlqpX0SyJWtSL4CGd2Vo3sqqap1rWtVRq7K2pGvLbW1obps/SeO4z09S9t9dUqOyoOqJwmqTQmaNP7/4rPs75Tx/5suP3+dJAa4dHHv+v+Ubp1PNgAAAAAA4DxY6f++W+ln9+9KitXwmm7lstMCAAAAAABzlH7yfyN5WUyW3pU14fo/7i8VLjI/AAAAAABwdlZ6j50laSX9Ur81uBNq4pcAjtwtsHBBaQIAAAAAgDNIr+VvLklxOvfaLVmzr/8BAAAAAMDXy++PzLFfzOfYjfOP9QuSws6y9dd/LStYtA4729+39u1ki73fixn5BkDUuG5d7U3Um74sSUrfOe4Na/BgACv9LWVvvtybNde/FRxLYGlh+KsIfUvHE1gr9t7pc72XxbzXq/fpQUHplqyWlYbXdMuO33xclW1fLUTudvTrF89+IwX949x71t0tf/xp92may2Gy6nA/yeOzoXQK4xtjkMvrdL6F9J6LcUd8RY28yj+0WytWWm8lP/4F2fuFoxVN64BBnb/V7Szm9kr2unKQ90B6/KXk+KvltMsGR5/ODmFl/ZVOpn/8yMd1xIQsSmkWd7KYO3fvZC95fr0sfrAg1cqjfRAsWoO2qB3NYnZbWP8eaYsZWSRtsZpk8bekoAlZrJ4ui5EeAYDLsjcYhdJJzEfn2D8+7r7NWW726P7j4Vpe/ynObjhckIq9zyam1lJScka/m8UsKT2xFq+POaNXeuNKSRPO6JUzjG5JXX8ZPAOpl/ZIFv+N4/hxNa33j/16s1H1i2SHLybWGzZrC0kTPni9/8t0AvzEJ7uf7L6o1VbXKh9UKg9rWkwPo/fC2AMAGGP2M3ZmRlgf9K+qn/7z/WxpaMT7Tv8rBWV9rE/V1VPdzx8hcGt8qStHvoZwf/SqNYm9Ih2Prer+xKu6dCw9Elvrxy4q32V4pB7Erp5zLwAAcLFuzxiHTzL+38+vu+9eH3vdPTyWH39C8KTY6gW3BAAA3xxu8KW1Ev3OCgKv81F1fb1qR5uuCXznpybw6huu8dqRGzibdnvDNZ3Aj3zHb5pOoGWv7oYm3Op0/CAyDT8wHT/0ttMnv5veo99Dt2W3I88JO03XDl3j+O3IdiJT90LHdLZ+0vTCTTdIdw47ruM1PMeOPL9tQn8rcNyyMaHrHgn06m478hpestg2ncBr2cGO+Znf3Gq5pu6GTuB1Ij8rMK/Lazf8oJUWW1Z86gcdAgDw/+jVm4PnT7rd3ZdTFg41O6a3sDSuwMs+RgAAMIxRGgAAAAAAAAAAAAAAAAAAAACAr76T3P93qoXFcTcLSv01v7p6onIszTux0ywU3n73v0+JudJfkzf/0ZjDiSWfQzflJWcLxfmXfEU6+W2jc1j40V7WohNjko1jNy33+6J4lnaO4zidQXt004s/T9grjuN4esnLw224NO0AhxeKkl4unaELLuV0BOAC/S8AAP//JJtBjA==")
syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x3a4, &(0x7f0000000040)=ANY=[@ANYRESDEC=r0])
syz_usb_control_io$cdc_ncm(r0, &(0x7f00000001c0)={0x14, 0x0, &(0x7f0000000100)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)

1.267114516s ago: executing program 2 (id=1935):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x6, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000002000000000000000000000085000000bc00000095"], &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x4e, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r0, r2, 0x25, 0x0, @val=@iter={0x0}}, 0x20)
syz_emit_ethernet(0x2a, &(0x7f0000000e80)={@link_local, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x2, 0x0, 0xfe, 0x11, 0x0, @local, @multicast1}, {0x0, 0x4e20, 0x8}}}}}, 0x0)

438.821024ms ago: executing program 3 (id=1936):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x200, 0xfffffffd}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x42, 0x3}}}, 0x10)
sendmsg$tipc(r0, &(0x7f00000000c0)={&(0x7f0000000140)=@name={0x1e, 0x2, 0x2, {{0x42, 0x4}}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2004c0d0}, 0x4000044)

288.532843ms ago: executing program 3 (id=1937):
r0 = socket(0x1e, 0x1, 0x0)
connect$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), r1)
sendmsg$TIPC_CMD_GET_NODES(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)={0x1c, r2, 0x1, 0x4, 0x0, {{}, {0x0, 0x6}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x0)

239.538966ms ago: executing program 2 (id=1938):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
close(r0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1a1102, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110e22fff3)
ioctl$TUNGETVNETLE(r0, 0x40047452, &(0x7f0000000180))

213.241807ms ago: executing program 3 (id=1939):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000700)=0x14)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x68000, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x200000000000000)

0s ago: executing program 2 (id=1940):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000000)={0x1, 0x0, [{0xd, 0x7f, 0x91a0, 0x5, 0x2}]})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000400)={0x1, 0x0, [{0xc0010140, 0x0, 0xfffffffffffffff7}]})

kernel console output (not intermixed with test programs):

ocess `syz.1.846'.
[  620.477229][ T9702] netlink: 8 bytes leftover after parsing attributes in process `syz.1.846'.
[  620.566015][ T9704] loop3: detected capacity change from 0 to 256
[  621.040066][ T9715] netlink: 20 bytes leftover after parsing attributes in process `syz.1.850'.
[  621.083096][ T9713] C: renamed from team_slave_0
[  621.094365][ T9706] loop3: detected capacity change from 0 to 32768
[  621.127258][ T9706] XFS (loop3): Mounting V5 filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d in no-recovery mode. Filesystem will be inconsistent.
[  621.151124][ T9713] netlink: 'syz.2.849': attribute type 3 has an invalid length.
[  621.181735][ T9706] XFS (loop3): Metadata corruption detected at xfs_dinode_verify+0x2e5/0x11d0, inode 0x1803 dinode
[  621.194085][ T9706] XFS (loop3): Unmount and run xfs_repair
[  621.203831][ T9706] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  621.208856][ T9713] netlink: 152 bytes leftover after parsing attributes in process `syz.2.849'.
[  621.223708][ T9713] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  621.257983][ T9706] 00000000: 49 4e 41 ed 03 01 00 00 00 00 00 00 00 00 00 00  INA.............
[  621.267180][ T9706] 00000010: 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  621.279374][ T9706] 00000020: 34 f7 58 68 a5 a5 b6 11 34 f7 58 68 a5 e2 bf 3d  4.Xh....4.Xh...=
[  621.288372][ T9706] 00000030: 34 f7 58 68 a5 e2 bf 3d 00 00 00 00 00 00 00 20  4.Xh...=....... 
[  621.297813][ T9706] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  621.306852][ T9706] 00000050: 00 00 00 02 00 00 00 00 00 00 00 00 ca e6 3d c1  ..............=.
[  621.315926][ T9706] 00000060: ff ff ff ff 6e d0 e3 2d 00 00 00 00 00 00 00 04  ....n..-........
[  621.325000][ T9706] 00000070: 00 00 00 03 00 00 00 10 00 00 00 00 00 00 00 06  ................
[  621.399571][ T5762] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  624.808526][ T9756] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  628.562182][ T9788] loop3: detected capacity change from 0 to 4096
[  628.589665][ T9788] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  628.642939][ T9788] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  628.651892][ T9788] ntfs3: loop3: mft corrupted
[  628.661351][ T9788] ntfs3: loop3: Failed to load $Extend (-22).
[  628.667877][ T9788] ntfs3: loop3: Failed to initialize $Extend.
[  628.713066][ T9788] ntfs3: loop3: ino=1b, "file0" failed to parse mft record
[  628.722882][ T9788] ntfs3: loop3: ino=1b, "file0" attr_set_size
[  628.904476][ T9796] netlink: 144 bytes leftover after parsing attributes in process `syz.3.877'.
[  629.064976][ T9802] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  629.073819][ T9802] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  630.284361][ T9802] netlink: 8 bytes leftover after parsing attributes in process `syz.1.881'.
[  630.323536][ T9812] netlink: 20 bytes leftover after parsing attributes in process `syz.3.879'.
[  630.616312][ T9820] netlink: 20 bytes leftover after parsing attributes in process `syz.1.885'.
[  631.280880][ T9823] Unknown options in mask b7f2
[  631.492103][ T9834] usb usb2: check_ctrlrecip: process 9834 (syz.3.888) requesting ep 01 but needs 81
[  631.492353][ T9833] netlink: 8 bytes leftover after parsing attributes in process `syz.1.890'.
[  631.501829][ T9834] usb usb2: usbfs: process 9834 (syz.3.888) did not claim interface 0 before use
[  632.858263][ T9841] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  632.867345][ T9841] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  632.925285][ T9841] netlink: 8 bytes leftover after parsing attributes in process `syz.1.894'.
[  635.397443][ T9872] loop0: detected capacity change from 0 to 256
[  635.638769][ T9872] exfat: Deprecated parameter 'utf8'
[  635.695985][ T9874] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  635.759699][ T9874] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  635.780922][ T9877] netlink: 8 bytes leftover after parsing attributes in process `syz.2.907'.
[  635.833555][ T9872] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xd67973f8, utbl_chksum : 0xe619d30d)
[  635.947263][ T9872] exFAT-fs (loop0): error, found bogus dentry(12) beyond unused empty group(11) (start_clu : 5, cur_clu : 5)
[  636.412652][ T9892] netlink: 20 bytes leftover after parsing attributes in process `syz.3.915'.
[  636.445769][ T9884] loop1: detected capacity change from 0 to 32768
[  636.520052][ T9884] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  636.668111][ T5765] ocfs2: Unmounting device (7,1) on (node local)
[  636.725284][ T9898] loop0: detected capacity change from 0 to 4096
[  636.785833][ T9907] loop1: detected capacity change from 0 to 1024
[  636.814476][ T9898] ntfs: (device loop0): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  636.859962][ T2920] hfsplus: b-tree write err: -5, ino 4
[  636.993196][ T9909] loop1: detected capacity change from 0 to 4096
[  637.005538][ T9909] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  637.052531][ T9898] ntfs: (device loop0): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  637.234214][ T9909] ntfs3: loop1: failed to convert "c46c" to euc-jp
[  637.243815][ T9898] ntfs: (device loop0): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn.
[  637.412815][ T9898] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  637.483898][ T9917] netlink: 20 bytes leftover after parsing attributes in process `syz.2.921'.
[  637.499985][ T9898] ntfs: (device loop0): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  637.527922][ T9898] ntfs: volume version 3.1.
[  637.595338][ T9898] ntfs: (device loop0): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty.
[  637.615527][ T9898] ntfs: (device loop0): load_system_files(): Failed to load $LogFile.  Will not be able to remount read-write.  Mount in Windows.
[  637.718563][ T9898] ntfs: (device loop0): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5.
[  637.764256][ T9898] ntfs: (device loop0): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[  637.839945][ T9898] ntfs: (device loop0): load_system_files(): Failed to determine if Windows is hibernated.  Will not be able to remount read-write.  Run chkdsk.
[  637.867019][ T9915] loop3: detected capacity change from 0 to 32768
[  637.918253][ T9915] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  638.089125][ T9915] XFS (loop3): Ending clean mount
[  638.118119][ T9915] XFS (loop3): Quotacheck needed: Please wait.
[  638.205201][ T9915] XFS (loop3): Quotacheck: Done.
[  638.306106][ T9926] loop1: detected capacity change from 0 to 32768
[  638.344159][ T9926] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  638.357776][ T5762] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  638.400877][ T9946] netlink: 'syz.2.930': attribute type 3 has an invalid length.
[  638.539634][ T9946] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.930'.
[  639.211508][ T9926] XFS (loop1): Ending clean mount
[  639.308477][ T9926] syz.1.927: attempt to access beyond end of device
[  639.308477][ T9926] loop1: rw=4096, sector=3546894483, nr_sectors = 1 limit=32768
[  639.396257][ T5765] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  639.534153][ T9955] netlink: 20 bytes leftover after parsing attributes in process `syz.0.931'.
[  639.723139][ T9960] loop1: detected capacity change from 0 to 256
[  639.772729][ T9960] FAT-fs (loop1): Directory bread(block 64) failed
[  639.785439][ T9960] FAT-fs (loop1): Directory bread(block 65) failed
[  639.793008][ T9960] FAT-fs (loop1): Directory bread(block 66) failed
[  639.799641][ T9960] FAT-fs (loop1): Directory bread(block 67) failed
[  639.807837][ T9960] FAT-fs (loop1): Directory bread(block 68) failed
[  639.817554][ T9960] FAT-fs (loop1): Directory bread(block 69) failed
[  639.825929][ T9960] FAT-fs (loop1): Directory bread(block 70) failed
[  639.834900][ T9960] FAT-fs (loop1): Directory bread(block 71) failed
[  639.842985][ T9960] FAT-fs (loop1): Directory bread(block 72) failed
[  639.851525][ T9960] FAT-fs (loop1): Directory bread(block 73) failed
[  639.936832][ T9953] loop3: detected capacity change from 0 to 32768
[  639.978770][ T9953] ERROR: (device loop3): xtTruncate: XT_GETPAGE: xtree page corrupt
[  639.978770][ T9953] 
[  639.998382][ T9953] ERROR: (device loop3): remounting filesystem as read-only
[  640.432429][ T9971] loop3: detected capacity change from 0 to 4096
[  640.461257][ T9971] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  640.484572][ T9972] netlink: 20 bytes leftover after parsing attributes in process `syz.1.937'.
[  640.550805][ T9971] ntfs3: loop3: Failed to initialize $Extend/$Reparse.
[  640.571729][ T9978] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  640.604390][ T9978] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  640.637544][ T9978] netlink: 8 bytes leftover after parsing attributes in process `syz.0.939'.
[  640.750989][ T9983] loop3: detected capacity change from 0 to 1024
[  640.789562][ T9983] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  640.858234][ T9983] EXT4-fs warning (device loop3): ext4_rmdir:3243: inode #11: comm syz.3.942: empty directory 'file1' has too many links (111)
[  640.907553][ T5762] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  642.847687][T10001] loop0: detected capacity change from 0 to 256
[  643.149822][T10001] FAT-fs (loop0): Directory bread(block 64) failed
[  643.258121][T10001] FAT-fs (loop0): Directory bread(block 65) failed
[  643.277475][T10001] FAT-fs (loop0): Directory bread(block 66) failed
[  643.295094][T10001] FAT-fs (loop0): Directory bread(block 67) failed
[  643.302646][T10008] netlink: 20 bytes leftover after parsing attributes in process `syz.3.947'.
[  643.321105][T10001] FAT-fs (loop0): Directory bread(block 68) failed
[  643.377304][T10011] netlink: 'syz.2.951': attribute type 2 has an invalid length.
[  643.385919][T10011] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.951'.
[  643.398839][T10001] FAT-fs (loop0): Directory bread(block 69) failed
[  643.435902][T10001] FAT-fs (loop0): Directory bread(block 70) failed
[  643.444418][T10001] FAT-fs (loop0): Directory bread(block 71) failed
[  643.452301][T10001] FAT-fs (loop0): Directory bread(block 72) failed
[  643.462934][T10001] FAT-fs (loop0): Directory bread(block 73) failed
[  643.718064][T10018] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  643.751193][T10018] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  645.030764][T10018] netlink: 8 bytes leftover after parsing attributes in process `syz.2.953'.
[  645.074620][T10029] loop3: detected capacity change from 0 to 512
[  645.126443][T10029] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  645.143974][T10029] ext4 filesystem being mounted at /265/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  645.275955][T10036] xt_CT: You must specify a L4 protocol and not use inversions on it
[  645.330037][ T5762] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  645.451227][T10038] loop3: detected capacity change from 0 to 256
[  645.468112][T10038] exfat: Deprecated parameter 'utf8'
[  645.503133][T10038] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  645.573943][T10038] overlay: filesystem on ./file0 not supported
[  645.754120][T10046] ip6gre1: entered promiscuous mode
[  645.959477][T10053] netlink: 20 bytes leftover after parsing attributes in process `syz.2.962'.
[  646.084082][T10059] netlink: 20 bytes leftover after parsing attributes in process `syz.1.965'.
[  646.123054][T10062] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  646.132020][T10062] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  646.147640][T10062] netlink: 8 bytes leftover after parsing attributes in process `syz.3.967'.
[  646.347343][T10072] loop3: detected capacity change from 0 to 4096
[  646.359190][T10072] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  646.443831][T10072] ntfs3: loop3: failed to convert "c46c" to maccroatian
[  646.820382][T10087] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  646.834165][T10082] netlink: 20 bytes leftover after parsing attributes in process `syz.3.977'.
[  646.849232][T10087] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  646.874414][T10087] netlink: 8 bytes leftover after parsing attributes in process `syz.1.979'.
[  649.553086][T10103] loop1: detected capacity change from 0 to 164
[  649.823537][T10105] damon-dbgfs: DAMON debugfs interface is deprecated, so users should move to DAMON_SYSFS. If you cannot, please report your usecase to damon@lists.linux.dev and linux-mm@kvack.org.
[  650.194341][T10113] netlink: 20 bytes leftover after parsing attributes in process `syz.1.988'.
[  651.906111][T10129] loop3: detected capacity change from 0 to 64
[  652.171124][T10131] loop3: detected capacity change from 0 to 4096
[  652.185030][T10131] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  652.340981][T10131] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  652.476088][T10131] ntfs3: loop3: failed to convert "c46c" to cp874
[  653.224635][T10142] netlink: 20 bytes leftover after parsing attributes in process `syz.3.998'.
[  653.688039][T10150] loop1: detected capacity change from 0 to 512
[  653.702554][T10150] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  653.722190][T10150] EXT4-fs error (device loop1): ext4_orphan_get:1398: inode #15: comm syz.1.1000: iget: bogus i_mode (3355)
[  653.734374][T10150] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.1000: couldn't read orphan inode 15 (err -117)
[  653.752222][T10150] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  653.805513][T10150] EXT4-fs error (device loop1): empty_inline_dir:1867: inode #12: block 7: comm syz.1.1000: bad entry in directory: rec_len % 4 != 0 - offset=4, inode=4278190093, rec_len=255, size=60 fake=0
[  653.854460][T10150] EXT4-fs warning (device loop1): empty_inline_dir:1874: bad inline directory (dir #12) - inode 4278190093, rec_len 255, name_len 0inline size 60
[  653.975159][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  654.959590][T10172] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1006'.
[  655.066140][T10176] netdevsim netdevsim1: Direct firmware load for ..€ failed with error -2
[  655.190732][T10176] netdevsim netdevsim1: Falling back to sysfs fallback for: ..€
[  655.221286][T10178] loop0: detected capacity change from 0 to 4096
[  655.464782][T10184] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  655.714165][T10185] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1011'.
[  657.417374][T10198] loop0: detected capacity change from 0 to 1024
[  657.703527][ T7215] hfsplus: b-tree write err: -5, ino 4
[  658.649170][T10211] loop1: detected capacity change from 0 to 512
[  658.692815][T10211] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  658.701740][T10211] EXT4-fs (loop1): orphan cleanup on readonly fs
[  658.709682][T10211] EXT4-fs warning (device loop1): ext4_enable_quotas:7184: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  658.730757][T10211] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  658.740605][T10211] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #13: comm syz.1.1015: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  658.764985][T10211] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.1015: couldn't read orphan inode 13 (err -117)
[  658.779226][T10211] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  660.032167][T10211] EXT4-fs error (device loop1): ext4_lookup:1858: comm syz.1.1015: inode #15: comm syz.1.1015: iget: illegal inode #
[  660.111178][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  660.120401][T10225] loop3: detected capacity change from 0 to 512
[  660.138722][T10225] FAT-fs (loop3): Unrecognized mount option "umask=0NÜ5¦kß ÎNðÏÉç ¦0000000000000000000010" or missing value
[  660.180847][T10225] tmpfs: Bad value for 'mpol'
[  660.279314][T10229] comedi comedi0: dac02: I/O port conflict (0x3,8)
[  660.506793][T10233] loop3: detected capacity change from 0 to 256
[  660.959915][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  660.967002][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  661.286007][T10240] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1022'.
[  661.691580][T10246] loop1: detected capacity change from 0 to 512
[  662.212178][T10252] CIFS: VFS: Malformed UNC in devname
[  662.277466][T10255] loop1: detected capacity change from 0 to 512
[  662.333641][T10255] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  663.546018][T10255] ext4 filesystem being mounted at /294/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  663.652613][T10268] loop3: detected capacity change from 0 to 8
[  663.675792][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  663.774494][   T27] kauditd_printk_skb: 7 callbacks suppressed
[  663.774508][   T27] audit: type=1800 audit(1770745091.498:22): pid=10268 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1039" name="file1" dev="loop3" ino=5 res=0 errno=0
[  664.251945][T10277] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1041'.
[  664.898970][T10283] loop3: detected capacity change from 0 to 64
[  668.525877][T10305] netlink: 136 bytes leftover after parsing attributes in process `syz.0.1038'.
[  668.685052][T10309] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  668.697365][T10309] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  668.726540][T10309] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1051'.
[  668.918630][T10317] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1052'.
[  669.890419][T10331] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1055'.
[  670.609097][T10324] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1054'.
[  672.037318][T10343] loop1: detected capacity change from 0 to 64
[  674.037894][T10359] loop1: detected capacity change from 0 to 512
[  674.171872][T10368] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1064'.
[  674.219625][T10359] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  676.213049][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  676.403655][T10380] loop1: detected capacity change from 0 to 4096
[  676.420042][T10380] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  676.503682][T10380] ntfs3: loop1: Failed to initialize $Extend/$Reparse.
[  676.670040][ T5765] ntfs3: loop1: ino=1a, ntfs_sync_fs failed, -22.
[  676.973735][T10393] loop1: detected capacity change from 0 to 256
[  677.057020][T10393] FAT-fs (loop1): Directory bread(block 64) failed
[  677.068121][T10393] FAT-fs (loop1): Directory bread(block 65) failed
[  677.093143][T10393] FAT-fs (loop1): Directory bread(block 66) failed
[  677.099763][T10393] FAT-fs (loop1): Directory bread(block 67) failed
[  677.115300][T10393] FAT-fs (loop1): Directory bread(block 68) failed
[  677.134102][T10393] FAT-fs (loop1): Directory bread(block 69) failed
[  677.143469][T10393] FAT-fs (loop1): Directory bread(block 70) failed
[  677.163727][T10393] FAT-fs (loop1): Directory bread(block 71) failed
[  677.172681][T10393] FAT-fs (loop1): Directory bread(block 72) failed
[  677.181635][T10393] FAT-fs (loop1): Directory bread(block 73) failed
[  677.368072][T10388] loop3: detected capacity change from 0 to 32768
[  677.374347][T10397] loop0: detected capacity change from 0 to 1024
[  677.404216][T10388] ERROR: (device loop3): xtSearch: XT_GETPAGE: xtree page corrupt
[  677.404216][T10388] 
[  677.446046][T10388] ERROR: (device loop3): remounting filesystem as read-only
[  677.463577][T10388] xtLookup: xtSearch returned -5
[  677.506065][T10388] ERROR: (device loop3): xtSearch: XT_GETPAGE: xtree page corrupt
[  677.506065][T10388] 
[  677.516746][T10388] ERROR: (device loop3): xtSearch: XT_GETPAGE: xtree page corrupt
[  677.516746][T10388] 
[  677.520230][T10397] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  677.529465][T10388] xtLookup: xtSearch returned -5
[  677.544830][T10388] ERROR: (device loop3): xtTruncate: XT_GETPAGE: xtree page corrupt
[  677.544830][T10388] 
[  677.700226][ T5764] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  677.727995][T10407] loop1: detected capacity change from 0 to 256
[  677.844562][T10410] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1078'.
[  677.938445][T10415] loop1: detected capacity change from 0 to 16
[  677.970603][T10415] erofs: (device loop1): mounted with root inode @ nid 36.
[  678.020760][   T27] audit: type=1800 audit(1770745106.468:23): pid=10415 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1082" name="file1" dev="loop1" ino=86 res=0 errno=0
[  678.172697][T10421] mac80211_hwsim hwsim8 wlan0: entered promiscuous mode
[  678.223723][T10419] mac80211_hwsim hwsim8 wlan0: left promiscuous mode
[  678.353778][T10429] netlink: 'syz.3.1089': attribute type 29 has an invalid length.
[  679.635577][T10437] loop3: detected capacity change from 0 to 256
[  679.656965][T10437] FAT-fs (loop3): Unrecognized mount option "coDepage=865" or missing value
[  679.901437][T10440] loop3: detected capacity change from 0 to 2048
[  679.942699][T10440] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=8802c128, mo2=0002]
[  679.955466][T10440] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  680.073406][ T5762] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  680.217061][T10447] loop3: detected capacity change from 0 to 1024
[  680.290894][T10447] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  680.311712][T10447] ext4 filesystem being mounted at /310/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  680.435935][ T5762] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  680.513638][T10454] loop1: detected capacity change from 0 to 256
[  680.578804][T10454] FAT-fs (loop1): Directory bread(block 64) failed
[  680.599984][T10454] FAT-fs (loop1): Directory bread(block 65) failed
[  680.622324][T10454] FAT-fs (loop1): Directory bread(block 66) failed
[  680.636667][T10454] FAT-fs (loop1): Directory bread(block 67) failed
[  680.642584][T10438] loop0: detected capacity change from 0 to 32768
[  680.643429][T10454] FAT-fs (loop1): Directory bread(block 68) failed
[  680.658017][T10454] FAT-fs (loop1): Directory bread(block 69) failed
[  680.665499][T10454] FAT-fs (loop1): Directory bread(block 70) failed
[  680.674504][T10454] FAT-fs (loop1): Directory bread(block 71) failed
[  680.693548][T10454] FAT-fs (loop1): Directory bread(block 72) failed
[  680.712761][T10454] FAT-fs (loop1): Directory bread(block 73) failed
[  681.023765][T10438] syz.0.1087: attempt to access beyond end of device
[  681.023765][T10438] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  681.063967][T10438] lbmIODone: I/O error in JFS log
[  681.079756][T10464] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1098'.
[  681.094077][T10438] *** Log Format Error ! ***
[  681.101196][T10438] lmLogInit: exit(-22)
[  681.110235][T10438] lmLogOpen: exit(-22)
[  682.728223][T10459] loop3: detected capacity change from 0 to 32768
[  682.793196][T10459] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  682.908442][T10459] XFS (loop3): Ending clean mount
[  683.004718][ T5762] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  683.334273][T10484] loop3: detected capacity change from 0 to 2048
[  683.341734][T10484] EXT4-fs: Ignoring removed orlov option
[  683.381283][T10484] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  683.427907][T10484] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  683.491941][ T5762] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  683.931822][T10506] capability: warning: `syz.3.1110' uses 32-bit capabilities (legacy support in use)
[  686.529946][T10545] loop1: detected capacity change from 0 to 64
[  688.637106][T10563] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1133'.
[  689.446372][T10569] loop1: detected capacity change from 0 to 256
[  690.250158][T10569] exfat: Deprecated parameter 'utf8'
[  690.347927][T10569] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xd9b3646f, utbl_chksum : 0xe619d30d)
[  690.504972][   T27] audit: type=1800 audit(1770745119.570:24): pid=10569 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1134" name="file1" dev="loop1" ino=1048679 res=0 errno=0
[  690.988659][T10588] loop0: detected capacity change from 0 to 4096
[  691.381325][ T5769] usb 1-1: new full-speed USB device number 3 using dummy_hcd
[  691.483309][T10599] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1143'.
[  693.775750][ T5769] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  693.792678][ T5769] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  693.810114][ T5769] usb 1-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  693.819783][ T5769] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  693.839855][ T5769] usb 1-1: config 0 descriptor??
[  693.848583][ T5809] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[  694.028399][ T5769] usbhid 1-1:0.0: can't add hid device: -71
[  694.047186][ T5769] usbhid: probe of 1-1:0.0 failed with error -71
[  694.053804][ T5809] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  694.058143][ T5769] usb 1-1: USB disconnect, device number 3
[  694.078262][ T5809] usb 4-1: New USB device found, idVendor=057e, idProduct=200e, bcdDevice= 0.00
[  694.118331][ T5809] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  694.148240][ T5809] usb 4-1: config 0 descriptor??
[  694.384843][T10615] loop1: detected capacity change from 0 to 40427
[  694.406350][T10615] F2FS-fs (loop1): invalid crc value
[  694.436126][T10615] F2FS-fs (loop1): Found nat_bits in checkpoint
[  694.497919][T10615] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  694.650823][ T5809] nintendo 0003:057E:200E.0001: hidraw0: USB HID v80.00 Device [HID 057e:200e] on usb-dummy_hcd.3-1/input0
[  694.668069][ T5769] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  694.737010][ T5809] nintendo 0003:057E:200E.0001: Failed charging grip handshake
[  694.749722][ T5809] nintendo 0003:057E:200E.0001: Failed to initialize controller; ret=-110
[  694.780887][ T5809] nintendo 0003:057E:200E.0001: probe - fail = -110
[  694.788280][ T5809] nintendo: probe of 0003:057E:200E.0001 failed with error -110
[  694.834556][ T5809] usb 4-1: USB disconnect, device number 2
[  694.867029][T10625] fido_id[10625]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  694.906435][ T5769] usb 1-1: Using ep0 maxpacket: 16
[  694.934454][ T5769] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  694.963085][ T5769] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  694.976554][ T5769] usb 1-1: New USB device found, idVendor=044f, idProduct=b654, bcdDevice= 0.00
[  694.985975][ T5769] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  694.997439][ T5769] usb 1-1: config 0 descriptor??
[  695.160246][T10632] loop1: detected capacity change from 0 to 256
[  695.168658][T10632] exfat: Deprecated parameter 'namecase'
[  695.204690][T10632] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  695.378057][T10636] loop3: detected capacity change from 0 to 4096
[  695.402623][T10636] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  695.434853][T10636] EXT4-fs error (device loop3): ext4_empty_dir:3154: inode #12: block 80: comm syz.3.1155: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  695.436344][ T5769] thrustmaster 0003:044F:B654.0002: hidraw0: USB HID v0.00 Device [HID 044f:b654] on usb-dummy_hcd.0-1/input0
[  695.474007][T10636] EXT4-fs warning (device loop3): ext4_empty_dir:3156: inode #12: comm syz.3.1155: directory missing '..'
[  695.540993][ T5769] thrustmaster 0003:044F:B654.0002: no inputs found
[  695.602747][ T5762] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  695.671100][  T788] usb 1-1: USB disconnect, device number 4
[  696.097534][ T5769] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  696.120479][T10649] overlayfs: failed to resolve './file0': -2
[  697.650104][ T5769] usb 4-1: Using ep0 maxpacket: 16
[  697.657681][ T5769] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  697.678153][ T5769] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  697.688324][ T5769] usb 4-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  697.697483][ T5769] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  697.716710][ T5769] usb 4-1: config 0 descriptor??
[  697.993643][T10662] loop0: detected capacity change from 0 to 4096
[  698.049403][T10663] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  698.121277][ T5769] hid-multitouch 0003:1FD2:6007.0003: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.3-1/input0
[  698.345309][ T5769] usb 4-1: USB disconnect, device number 3
[  700.132240][T10687] loop3: detected capacity change from 0 to 32768
[  700.173939][T10687] (syz.3.1174,10687,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  700.195643][T10687] (syz.3.1174,10687,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  700.244510][T10687] JBD2: Ignoring recovery information on journal
[  701.829767][T10687] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  701.877553][T10687] (syz.3.1174,10687,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xe74db1cd. Applying ECC.
[  702.147745][ T5762] ocfs2: Unmounting device (7,3) on (node local)
[  706.241154][T10609] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  706.279579][ T5809] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  706.434902][T10609] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 128, changing to 11
[  706.447158][T10609] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  706.464462][T10609] usb 1-1: New USB device found, idVendor=04e7, idProduct=0030, bcdDevice= 0.00
[  706.470403][ T5809] usb 4-1: Using ep0 maxpacket: 32
[  706.477187][T10609] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  706.494976][ T5809] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  706.496329][T10609] usb 1-1: config 0 descriptor??
[  706.508438][ T5809] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  706.528410][ T5809] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  706.548644][ T5809] usb 4-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  706.561449][ T5809] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  706.573535][ T5809] usb 4-1: config 0 descriptor??
[  709.161146][ T5809] usbhid 4-1:0.0: can't add hid device: -71
[  709.176467][T10609] elo 0003:04E7:0030.0004: item fetching failed at offset 2/3
[  709.183699][ T5809] usbhid: probe of 4-1:0.0 failed with error -71
[  709.184664][T10609] elo 0003:04E7:0030.0004: parse failed
[  709.193523][ T5809] usb 4-1: USB disconnect, device number 4
[  709.245980][T10609] elo: probe of 0003:04E7:0030.0004 failed with error -22
[  709.325717][T10751] loop1: detected capacity change from 0 to 1024
[  709.336063][T10751] EXT4-fs: Ignoring removed nobh option
[  709.345115][T10751] EXT4-fs: Ignoring removed nomblk_io_submit option
[  709.405452][T10751] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  709.487453][T10609] usb 1-1: USB disconnect, device number 5
[  709.532819][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  709.636913][ T5809] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  709.834523][ T5809] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  709.844653][ T5809] usb 4-1: New USB device found, idVendor=056e, idProduct=00fe, bcdDevice= 0.00
[  709.854007][ T5809] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  709.866580][ T5809] usb 4-1: config 0 descriptor??
[  710.041057][T10762] loop0: detected capacity change from 0 to 32768
[  710.074810][T10762] JBD2: Ignoring recovery information on journal
[  710.086923][T10762] jbd2_journal_bmap: journal block not found at offset 32 on loop0-75
[  710.106975][T10762] JBD2: bad block at offset 32
[  710.133444][T10762] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  710.255090][ T5764] ocfs2: Unmounting device (7,0) on (node local)
[  710.279852][ T5809] elecom 0003:056E:00FE.0005: unknown main item tag 0x0
[  710.301618][ T5809] elecom 0003:056E:00FE.0005: unknown main item tag 0x0
[  710.309856][ T5809] elecom 0003:056E:00FE.0005: unknown main item tag 0x0
[  710.317065][ T5809] elecom 0003:056E:00FE.0005: unknown main item tag 0x0
[  710.324656][ T5809] elecom 0003:056E:00FE.0005: unknown main item tag 0x0
[  710.332271][ T5809] elecom 0003:056E:00FE.0005: unknown main item tag 0x0
[  710.340803][ T5809] elecom 0003:056E:00FE.0005: unknown main item tag 0x0
[  710.358257][ T5809] elecom 0003:056E:00FE.0005: hidraw0: USB HID v0.00 Device [HID 056e:00fe] on usb-dummy_hcd.3-1/input0
[  710.464110][ T5809] usb 4-1: USB disconnect, device number 5
[  710.654209][T10776] sit0: entered promiscuous mode
[  710.665211][T10776] netlink: 'syz.0.1201': attribute type 1 has an invalid length.
[  710.690038][T10776] netlink: 1 bytes leftover after parsing attributes in process `syz.0.1201'.
[  710.702684][T10778] sch_tbf: burst 0 is lower than device lo mtu (18) !
[  712.418023][T10791] loop3: detected capacity change from 0 to 2048
[  712.462281][T10791] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  714.947915][ T5847] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  715.168700][ T5847] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[  715.186096][ T5847] usb 4-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  715.195007][ T5847] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  715.262083][ T5847] usb 4-1: config 220 has no interface number 2
[  715.280254][ T5847] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  715.310018][ T5847] usb 4-1: config 220 interface 0 has no altsetting 0
[  715.316888][ T5847] usb 4-1: config 220 interface 76 has no altsetting 0
[  715.324362][ T5847] usb 4-1: config 220 interface 1 has no altsetting 0
[  715.335603][ T5847] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  715.350991][ T5847] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  715.359534][ T5847] usb 4-1: Product: syz
[  715.371977][ T5847] usb 4-1: Manufacturer: syz
[  715.377992][ T5847] usb 4-1: SerialNumber: syz
[  715.591113][ T5847] usb 4-1: selecting invalid altsetting 0
[  715.621609][ T5847] usb 4-1: Found UVC 7.01 device syz (8086:0b07)
[  715.633506][ T5847] usb 4-1: No valid video chain found.
[  715.665851][ T5847] usb 4-1: selecting invalid altsetting 0
[  715.671618][ T5847] usbtest: probe of 4-1:220.1 failed with error -22
[  715.692844][ T5847] usb 4-1: USB disconnect, device number 6
[  717.890072][T10862] loop1: detected capacity change from 0 to 4096
[  717.938845][T10862] ntfs: (device loop1): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  717.953721][T10862] ntfs: (device loop1): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  717.969258][T10862] ntfs: (device loop1): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn.
[  717.990923][T10862] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  718.005673][T10862] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  718.036159][T10862] ntfs: volume version 3.1.
[  718.042811][T10862] ntfs: (device loop1): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty.
[  718.072996][T10862] ntfs: (device loop1): load_system_files(): Failed to load $LogFile.  Will not be able to remount read-write.  Mount in Windows.
[  718.101071][T10862] ntfs: (device loop1): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5.
[  718.129321][T10862] ntfs: (device loop1): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[  718.156362][T10862] ntfs: (device loop1): load_system_files(): Failed to determine if Windows is hibernated.  Will not be able to remount read-write.  Run chkdsk.
[  718.408593][T10864] loop1: detected capacity change from 0 to 128
[  718.552236][T10868] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1230'.
[  718.720201][ T5847] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  720.175711][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  720.182087][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  720.218277][T10879] loop1: detected capacity change from 0 to 1024
[  720.233570][T10879] hfsplus: bad catalog entry type
[  720.282118][ T5847] usb 4-1: Using ep0 maxpacket: 32
[  720.295734][ T5847] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  720.358465][ T5847] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  720.400422][ T5847] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  720.441288][ T5847] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  720.457180][ T5847] usb 4-1: Product: syz
[  720.467973][ T5847] usb 4-1: Manufacturer: syz
[  720.487638][ T5847] hub 4-1:4.0: USB hub found
[  720.750528][ T5847] hub 4-1:4.0: 6 ports detected
[  720.780907][ T5847] hub 4-1:4.0: insufficient power available to use all downstream ports
[  720.946983][ T5847] hub 4-1:4.0: hub_hub_status failed (err = -71)
[  721.004019][ T5847] hub 4-1:4.0: config failed, can't get hub status (err -71)
[  721.228664][ T5847] usb 4-1: USB disconnect, device number 7
[  722.627264][T10897] loop3: detected capacity change from 0 to 40427
[  722.650198][T10897] F2FS-fs (loop3): invalid crc value
[  722.694618][T10897] F2FS-fs (loop3): Found nat_bits in checkpoint
[  722.838142][T10897] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  722.914031][ T5762] syz-executor: attempt to access beyond end of device
[  722.914031][ T5762] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  722.930594][ T5847] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  722.945004][ T5762] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  723.121253][ T5847] usb 1-1: Using ep0 maxpacket: 16
[  723.147084][ T5847] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  723.210329][ T5847] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  723.230055][ T5847] usb 1-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  723.249834][ T5847] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  723.270441][ T5847] usb 1-1: config 0 descriptor??
[  724.271816][T10917] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  724.318606][T10917] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  724.425488][ T5809] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  724.512786][ T5847] hid-multitouch 0003:1FD2:6007.0006: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.0-1/input0
[  724.617424][ T5809] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  724.635001][ T5809] usb 4-1: New USB device found, idVendor=0458, idProduct=500f, bcdDevice= 0.00
[  724.662448][ T5809] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  724.697443][ T5809] usb 4-1: config 0 descriptor??
[  725.409790][ T5847] usb 1-1: USB disconnect, device number 6
[  725.493376][ T5809] kye 0003:0458:500F.0007: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  725.743285][ T5809] kye 0003:0458:500F.0007: hidraw0: USB HID v0.00 Device [HID 0458:500f] on usb-dummy_hcd.3-1/input0
[  725.816471][ T5809] kye 0003:0458:500F.0007: tablet-enabling feature report not found
[  725.891754][ T5809] kye 0003:0458:500F.0007: tablet enabling failed
[  725.929449][ T5809] usb 4-1: USB disconnect, device number 8
[  726.279812][T10941] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1249'.
[  726.299317][T10941] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1249'.
[  726.483470][T10941] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1249'.
[  727.089478][T10947] loop0: detected capacity change from 0 to 32768
[  727.114497][T10947] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.1250 (10947)
[  727.513212][T10947] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  727.667113][T10957] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  727.721627][T10947] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  727.869300][T10957] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  728.030597][T10947] BTRFS info (device loop0): using free space tree
[  728.094408][T10961] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  728.103576][T10961] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  728.123841][T10961] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1254'.
[  728.139589][T10961] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1254'.
[  728.317314][T10947] BTRFS info (device loop0): enabling ssd optimizations
[  728.335379][T10947] BTRFS info (device loop0): auto enabling async discard
[  728.550569][ T5769] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  728.655617][ T5764] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  728.747303][ T5769] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  728.759495][ T5769] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  728.779732][ T5769] usb 4-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  728.808034][ T5769] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  728.819996][ T5769] usb 4-1: config 0 descriptor??
[  728.828446][ T5769] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  728.835534][ T5769] dvb-usb: bulk message failed: -22 (3/0)
[  728.880357][ T5769] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  728.913917][ T5769] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  728.921529][ T5769] usb 4-1: media controller created
[  728.934905][ T5769] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  729.043536][ T5769] dvb-usb: bulk message failed: -22 (6/0)
[  729.054188][T10976] dvb-usb: bulk message failed: -22 (2/0)
[  729.064563][ T5769] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  729.085200][ T5769] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input8
[  729.107081][ T5769] dvb-usb: schedule remote query interval to 150 msecs.
[  729.124637][ T5769] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  729.145081][ T5769] usb 4-1: USB disconnect, device number 9
[  729.215976][ T5769] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  729.421006][T10994] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1261'.
[  729.431787][T10994] tipc: Started in network mode
[  729.438826][T10994] tipc: Node identity 68b, cluster identity 4711
[  729.499738][T10994] tipc: Node number set to 1675
[  729.530107][T10996] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  729.545176][T10996] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  729.616222][T11000] loop1: detected capacity change from 0 to 64
[  730.118432][T11010] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1264'.
[  730.849964][T11029] loop1: detected capacity change from 0 to 1024
[  730.857600][T11029] EXT4-fs: Ignoring removed oldalloc option
[  730.863533][T11029] EXT4-fs: Ignoring removed bh option
[  730.887354][T11029] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  730.949884][T11029] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  731.012498][T11027] loop0: detected capacity change from 0 to 8192
[  731.032973][T11027] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  731.053117][T11027] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  731.132095][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  731.229144][T11027] REISERFS (device loop0): using ordered data mode
[  731.235798][T11027] reiserfs: using flush barriers
[  731.346610][T11027] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  731.678483][T11027] REISERFS (device loop0): checking transaction log (loop0)
[  732.220386][T11027] REISERFS (device loop0): Using r5 hash to sort names
[  732.329348][T11027] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  732.534992][T11048] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1279'.
[  735.074466][T11070] loop1: detected capacity change from 0 to 1024
[  735.190377][ T7178] hfsplus: b-tree write err: -5, ino 4
[  736.815523][T11075] loop1: detected capacity change from 0 to 4096
[  736.921445][T11081] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  737.246027][T11088] loop1: detected capacity change from 0 to 512
[  737.277282][T11088] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  737.360468][T11091] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1292'.
[  737.430153][   T27] kauditd_printk_skb: 6 callbacks suppressed
[  737.430177][   T27] audit: type=1800 audit(1770745168.837:25): pid=11088 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1293" name="file2" dev="loop1" ino=1048685 res=0 errno=0
[  737.467491][T11088] FAT-fs (loop1): error, invalid access to FAT (entry 0x0fffff00)
[  737.478518][T11088] FAT-fs (loop1): error, invalid access to FAT (entry 0x0fffff00)
[  737.488326][T11088] syz.1.1293: attempt to access beyond end of device
[  737.488326][T11088] loop1: rw=2049, sector=17179852714, nr_sectors = 56 limit=512
[  738.528892][T11080] loop0: detected capacity change from 0 to 32768
[  738.689995][T11080] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  738.838326][T11080] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  739.098999][T11080] XFS (loop0): Ending clean mount
[  739.357378][T11080] XFS (loop0): Quotacheck needed: Please wait.
[  739.468222][T11080] XFS (loop0): Quotacheck: Done.
[  739.884981][ T5764] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  742.033081][T11145] loop1: detected capacity change from 0 to 512
[  742.106362][T11145] EXT4-fs error (device loop1): ext4_expand_extra_isize_ea:2803: inode #11: comm syz.1.1308: corrupted xattr block 95: invalid header
[  742.175291][T11145] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2853: Unable to expand inode 11. Delete some EAs or run e2fsck.
[  742.189580][T11145] EXT4-fs error (device loop1): ext4_validate_block_bitmap:430: comm syz.1.1308: bg 0: block 7: invalid block bitmap
[  742.207446][T11145] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6653: Corrupt filesystem
[  742.216908][T11145] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2969: inode #11: comm syz.1.1308: corrupted xattr block 95: invalid header
[  742.257460][T11145] EXT4-fs warning (device loop1): ext4_evict_inode:272: xattr delete (err -117)
[  742.271264][T11145] EXT4-fs (loop1): 1 orphan inode deleted
[  742.278186][T11145] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  742.501067][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  742.617787][T11151] loop3: detected capacity change from 0 to 16
[  742.660747][T11151] erofs: (device loop3): mounted with root inode @ nid 36.
[  742.793126][T11156] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  742.806281][T11156] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  743.152866][ T5922] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  743.334018][ T5922] usb 4-1: Using ep0 maxpacket: 32
[  743.340684][ T5922] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  743.351817][ T5922] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  743.361652][ T5922] usb 4-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00
[  743.370768][ T5922] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  743.380362][ T5922] usb 4-1: config 0 descriptor??
[  743.637359][T11167] loop0: detected capacity change from 0 to 64
[  744.666102][ T5922] uclogic 0003:5543:0522.0008: item fetching failed at offset 0/2
[  744.680269][ T5922] uclogic 0003:5543:0522.0008: parse failed
[  744.686379][ T5922] uclogic: probe of 0003:5543:0522.0008 failed with error -22
[  745.433286][ T5922] usb 4-1: USB disconnect, device number 10
[  748.080779][ T5847] usb 4-1: new full-speed USB device number 11 using dummy_hcd
[  748.286872][ T5847] usb 4-1: config 0 has an invalid interface number: 29 but max is 0
[  748.299617][ T5847] usb 4-1: config 0 has no interface number 0
[  748.305971][ T5847] usb 4-1: config 0 interface 29 has no altsetting 0
[  748.318291][ T5847] usb 4-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[  748.333282][ T5847] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  748.342111][ T5847] usb 4-1: Product: syz
[  748.346589][ T5847] usb 4-1: Manufacturer: syz
[  748.351198][ T5847] usb 4-1: SerialNumber: syz
[  748.365883][ T5847] usb 4-1: config 0 descriptor??
[  748.589197][ T5847] peak_usb 4-1:0.29: PEAK-System PCAN-USB X6 v0 fw v0.0.0 (2 channels)
[  748.780791][ T5847] peak_usb 4-1:0.29 can0: sending command failure: -22
[  748.787945][ T5847] peak_usb 4-1:0.29 can0: sending command failure: -22
[  748.802950][ T5847] peak_usb 4-1:0.29 can0: sending command failure: -22
[  748.836016][T11204] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  748.865684][ T5847] peak_usb: probe of 4-1:0.29 failed with error -22
[  748.897006][ T5922] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  750.217875][  T788] usb 4-1: USB disconnect, device number 11
[  750.223986][ T5922] usb 1-1: Using ep0 maxpacket: 16
[  750.245489][ T5922] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  750.329838][ T5922] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  750.346233][ T5922] usb 1-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  750.361943][ T5922] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  750.380080][ T5922] usb 1-1: config 0 descriptor??
[  750.794976][ T5922] hid-multitouch 0003:1FD2:6007.0009: unknown main item tag 0x4
[  750.824771][ T5922] hid-multitouch 0003:1FD2:6007.0009: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.0-1/input0
[  750.963186][T11220] loop3: detected capacity change from 0 to 256
[  750.981956][T11220] exfat: Deprecated parameter 'namecase'
[  751.013145][T11220] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  751.029637][ T5922] usb 1-1: USB disconnect, device number 7
[  751.226245][T11224] loop3: detected capacity change from 0 to 2048
[  751.245530][T11224] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  753.574110][ T5847] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  753.639224][T11245] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  753.656941][T11245] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  753.783187][ T5847] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  753.794669][ T5847] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  753.805911][ T5847] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  753.819464][ T5847] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  753.828742][ T5847] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  753.841015][ T5847] usb 1-1: config 0 descriptor??
[  754.325147][ T5847] plantronics 0003:047F:FFFF.000A: unbalanced collection at end of report description
[  754.333155][T11255] loop1: detected capacity change from 0 to 2048
[  754.365915][T11255] EXT4-fs: Ignoring removed i_version option
[  754.375321][ T5847] plantronics 0003:047F:FFFF.000A: parse failed
[  754.385508][ T5847] plantronics: probe of 0003:047F:FFFF.000A failed with error -22
[  754.425598][T11255] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  754.457387][T11250] loop3: detected capacity change from 0 to 40427
[  754.470015][T11255] ext4 filesystem being mounted at /388/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  754.495330][T11250] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x7ffff
[  754.513018][T11250] F2FS-fs (loop3): Image doesn't support compression
[  754.520183][T11250] F2FS-fs (loop3): Image doesn't support compression
[  754.536885][T11250] F2FS-fs (loop3): invalid crc value
[  754.551943][T11260] tipc: Started in network mode
[  754.557613][T11260] tipc: Node identity e0000001, cluster identity 4711
[  754.564569][T11260] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  754.577641][T11250] F2FS-fs (loop3): Found nat_bits in checkpoint
[  754.655755][T11250] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  754.677948][  T967] usb 1-1: USB disconnect, device number 8
[  754.697762][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  754.724678][T11250] syz.3.1347: attempt to access beyond end of device
[  754.724678][T11250] loop3: rw=524288, sector=45072, nr_sectors = 24 limit=40427
[  754.742087][T11250] syz.3.1347: attempt to access beyond end of device
[  754.742087][T11250] loop3: rw=0, sector=45072, nr_sectors = 8 limit=40427
[  754.779090][   T27] audit: type=1800 audit(1770745187.051:26): pid=11250 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1347" name="/" dev="loop3" ino=8 res=0 errno=0
[  754.914521][ T5762] F2FS-fs (loop3): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x516/0x19c0
[  754.928723][ T5762] F2FS-fs (loop3): invalid blkaddr: 513, type: 10, run fsck to fix.
[  755.029868][T11269] loop1: detected capacity change from 0 to 256
[  755.103293][T11269] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  755.797688][T11287] loop0: detected capacity change from 0 to 1024
[  755.812696][  T967] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  756.767024][  T967] usb 4-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  756.784253][  T967] usb 4-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  756.802536][  T967] usb 4-1: config 0 interface 0 has no altsetting 0
[  756.809317][  T967] usb 4-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  756.822253][  T967] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  756.850563][  T967] usb 4-1: config 0 descriptor??
[  757.366228][  T967] sony 0003:054C:0268.000B: hiddev0,hidraw0: USB HID v80.05 Device [HID 054c:0268] on usb-dummy_hcd.3-1/input0
[  757.378390][  T967] sony 0003:054C:0268.000B: failed to claim input
[  757.563890][ T5769] usb 4-1: USB disconnect, device number 12
[  759.527483][  T967] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  759.556044][ T5847] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  759.711542][  T967] usb 1-1: config 0 interface 0 has no altsetting 0
[  759.718781][  T967] usb 1-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[  759.731118][  T967] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  759.743495][  T967] usb 1-1: config 0 descriptor??
[  759.749303][ T5847] usb 4-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  759.758816][ T5847] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  759.770021][ T5847] usb 4-1: Product: syz
[  759.774313][ T5847] usb 4-1: Manufacturer: syz
[  759.779009][ T5847] usb 4-1: SerialNumber: syz
[  759.786576][ T5847] usb 4-1: config 0 descriptor??
[  759.931572][T11333] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1378'.
[  760.006521][ T5769] usb 4-1: USB disconnect, device number 13
[  760.293895][  T967] zeroplus 0003:0C12:0005.000C: item fetching failed at offset 0/3
[  760.302340][  T967] zeroplus 0003:0C12:0005.000C: parse failed
[  760.308632][  T967] zeroplus: probe of 0003:0C12:0005.000C failed with error -22
[  760.541424][ T5769] usb 1-1: USB disconnect, device number 9
[  761.099975][ T5769] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  761.347823][ T5769] usb 4-1: Using ep0 maxpacket: 32
[  761.354999][ T5769] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  761.372821][ T5769] usb 4-1: New USB device found, idVendor=046d, idProduct=c531, bcdDevice= 0.00
[  761.388235][ T5769] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  761.414105][ T5769] usb 4-1: config 0 descriptor??
[  763.450031][ T5769] logitech-djreceiver 0003:046D:C531.000D: item fetching failed at offset 0/1
[  763.460368][ T5769] logitech-djreceiver 0003:046D:C531.000D: logi_dj_probe: parse failed
[  763.477141][ T5769] logitech-djreceiver: probe of 0003:046D:C531.000D failed with error -22
[  763.640170][  T967] usb 4-1: USB disconnect, device number 14
[  763.867652][T11362] macsec1: entered promiscuous mode
[  763.874556][T11362] team0: entered promiscuous mode
[  763.879628][T11362] team_slave_0: entered promiscuous mode
[  763.887213][T11362] team_slave_1: entered promiscuous mode
[  763.894931][T11362] team0: Device macsec1 is already an upper device of the team interface
[  763.905683][T11362] team0: left promiscuous mode
[  763.911237][T11362] team_slave_0: left promiscuous mode
[  763.916920][T11362] team_slave_1: left promiscuous mode
[  764.304118][T11366] loop0: detected capacity change from 0 to 32768
[  764.317110][T11366] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1391 (11366)
[  764.345415][T11366] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  765.253285][T11366] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  765.400519][T11366] BTRFS info (device loop0): force zlib compression, level 3
[  765.534749][T11366] BTRFS info (device loop0): enabling ssd optimizations
[  765.595629][T11366] BTRFS info (device loop0): allowing degraded mounts
[  765.685661][T11366] BTRFS info (device loop0): force clearing of disk cache
[  765.764520][T11366] BTRFS info (device loop0): using free space tree
[  765.822018][T11366] BTRFS info (device loop0): rebuilding free space tree
[  765.897329][T11366] BTRFS info (device loop0): checking UUID tree
[  766.000734][ T5764] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  766.414487][T10400] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 11 /dev/loop0 scanned by udevd (10400)
[  766.739888][T11406] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  766.749172][T11406] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  766.943427][T11409] loop1: detected capacity change from 0 to 64
[  767.339679][T11416] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1402'.
[  768.273296][ T5769] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  769.893814][ T5769] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  769.910995][ T5769] usb 4-1: New USB device found, idVendor=046d, idProduct=c71f, bcdDevice= 0.00
[  769.921053][ T5769] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  769.932084][ T5769] usb 4-1: config 0 descriptor??
[  769.939249][  T967] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  770.081128][ T5769] usbhid 4-1:0.0: can't add hid device: -71
[  770.099798][ T5769] usbhid: probe of 4-1:0.0 failed with error -71
[  770.130081][  T967] usb 1-1: Using ep0 maxpacket: 32
[  770.135022][ T5769] usb 4-1: USB disconnect, device number 15
[  770.140725][  T967] usb 1-1: config 0 has an invalid interface number: 76 but max is 0
[  770.158241][  T967] usb 1-1: config 0 has no interface number 0
[  770.175826][  T967] usb 1-1: New USB device found, idVendor=2040, idProduct=d900, bcdDevice=a9.2c
[  770.189222][  T967] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  770.201423][  T967] usb 1-1: Product: syz
[  770.205628][  T967] usb 1-1: Manufacturer: syz
[  770.214132][  T967] usb 1-1: SerialNumber: syz
[  770.228970][  T967] usb 1-1: config 0 descriptor??
[  770.237736][  T967] dw2102: su3000_identify_state
[  770.242637][  T967] dvb-usb: found a 'Hauppauge MAX S2 or WinTV NOVA HD USB2.0' in warm state.
[  770.255485][  T967] dw2102: su3000_power_ctrl: 1, initialized 0
[  770.262087][  T967] dvb-usb: bulk message failed: -22 (2/0)
[  770.281564][  T967] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  770.291866][  T967] dvbdev: DVB: registering new adapter (Hauppauge MAX S2 or WinTV NOVA HD USB2.0)
[  770.301487][  T967] usb 1-1: media controller created
[  770.306841][  T967] dvb-usb: bulk message failed: -22 (6/0)
[  770.313401][  T967] dw2102: i2c transfer failed.
[  770.318658][  T967] dvb-usb: bulk message failed: -22 (6/0)
[  770.324459][  T967] dw2102: i2c transfer failed.
[  770.329244][  T967] dvb-usb: bulk message failed: -22 (6/0)
[  770.335022][  T967] dw2102: i2c transfer failed.
[  770.339880][  T967] dvb-usb: bulk message failed: -22 (6/0)
[  770.345607][  T967] dw2102: i2c transfer failed.
[  770.352222][  T967] dvb-usb: bulk message failed: -22 (6/0)
[  770.357973][  T967] dw2102: i2c transfer failed.
[  770.362974][  T967] dvb-usb: bulk message failed: -22 (6/0)
[  770.368760][  T967] dw2102: i2c transfer failed.
[  770.373535][  T967] dvb-usb: MAC address: 02:02:02:02:02:02
[  770.392534][  T967] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  770.410562][  T967] dvb-usb: bulk message failed: -22 (3/0)
[  770.416396][  T967] dw2102: command 0x0e transfer failed.
[  770.422504][  T967] dvb-usb: bulk message failed: -22 (3/0)
[  770.428268][  T967] dw2102: command 0x0e transfer failed.
[  770.539157][ T5769] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  770.713134][ T5769] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  770.724368][ T5769] usb 4-1: New USB device found, idVendor=056a, idProduct=0028, bcdDevice= 0.00
[  770.733989][ T5769] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  770.742165][  T967] dvb-usb: bulk message failed: -22 (3/0)
[  770.742227][  T967] dw2102: command 0x0e transfer failed.
[  770.742270][  T967] dvb-usb: bulk message failed: -22 (3/0)
[  770.742283][  T967] dw2102: command 0x0e transfer failed.
[  770.742292][  T967] dvb-usb: bulk message failed: -22 (1/0)
[  770.742304][  T967] dw2102: command 0x51 transfer failed.
[  770.777047][T11425] dvb-usb: bulk message failed: -22 (3/0)
[  770.783498][  T967] DVB: Unable to find symbol ds3000_attach()
[  770.783513][  T967] dvb-usb: no frontend was attached by 'Hauppauge MAX S2 or WinTV NOVA HD USB2.0'
[  770.804182][ T5769] usb 4-1: config 0 descriptor??
[  770.825969][T11425] dw2102: i2c transfer failed.
[  770.901359][  T967] rc_core: IR keymap rc-su3000 not found
[  770.909218][  T967] Registered IR keymap rc-empty
[  770.919623][  T967] rc rc0: Hauppauge MAX S2 or WinTV NOVA HD USB2.0 as /devices/platform/dummy_hcd.0/usb1/1-1/rc/rc0
[  770.941546][  T967] input: Hauppauge MAX S2 or WinTV NOVA HD USB2.0 as /devices/platform/dummy_hcd.0/usb1/1-1/rc/rc0/input9
[  770.957334][  T967] dvb-usb: schedule remote query interval to 150 msecs.
[  770.964430][  T967] dw2102: su3000_power_ctrl: 0, initialized 1
[  770.971403][  T967] dvb-usb: Hauppauge MAX S2 or WinTV NOVA HD USB2.0 successfully initialized and connected.
[  771.015720][  T967] usb 1-1: USB disconnect, device number 10
[  771.086528][  T967] dvb-usb: Hauppauge MAX S2 or WinTV NOVA HD USB2. successfully deinitialized and disconnected.
[  771.810804][ T5769] wacom 0003:056A:0028.000E: Unknown device_type for 'HID 056a:0028'. Assuming pen.
[  772.078588][ T5769] wacom 0003:056A:0028.000E: hidraw0: USB HID v0.06 Device [HID 056a:0028] on usb-dummy_hcd.3-1/input0
[  772.094968][ T5769] input: Wacom Intuos5 touch L Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:0028.000E/input/input10
[  772.376110][T11456] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1413'.
[  773.229182][ T5922] usb 4-1: USB disconnect, device number 16
[  775.578910][ T5922] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  775.774807][ T5922] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  775.786135][ T5922] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  775.796776][ T5922] usb 4-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00
[  775.808065][ T5922] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  775.820745][ T5922] usb 4-1: config 0 descriptor??
[  777.712012][  T967] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  777.784208][ T5922] zydacron 0003:13EC:0006.000F: unexpected long global item
[  777.848798][ T5922] zydacron 0003:13EC:0006.000F: parse failed
[  777.877709][T11494] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1423'.
[  777.906347][ T5922] zydacron: probe of 0003:13EC:0006.000F failed with error -22
[  778.011917][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  778.018863][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  778.025959][ T5922] usb 4-1: USB disconnect, device number 17
[  778.055124][  T967] usb 1-1: Using ep0 maxpacket: 16
[  778.550516][  T967] usb 1-1: config 0 has an invalid interface number: 41 but max is 0
[  778.558651][  T967] usb 1-1: config 0 has no interface number 0
[  778.569258][  T967] usb 1-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  778.579298][  T967] usb 1-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  778.593454][  T967] usb 1-1: config 0 interface 41 has no altsetting 0
[  778.603237][  T967] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a
[  778.626923][  T967] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  778.640779][  T967] usb 1-1: Product: syz
[  778.645316][  T967] usb 1-1: Manufacturer: syz
[  778.649941][  T967] usb 1-1: SerialNumber: syz
[  778.675134][  T967] usb 1-1: config 0 descriptor??
[  778.681986][T11479] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  778.709550][T11479] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  778.776539][  T967] usb 1-1: can't set config #0, error -71
[  778.784720][  T967] usb 1-1: USB disconnect, device number 11
[  781.074996][ T5922] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  784.457715][  T967] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  784.466223][ T5922] usb 1-1: Using ep0 maxpacket: 16
[  784.952314][ T5922] usb 1-1: device descriptor read/all, error -71
[  785.342528][T11549] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1436'.
[  786.237367][ T5922] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  786.408919][ T5922] usb 1-1: Using ep0 maxpacket: 32
[  786.416032][ T5922] usb 1-1: config index 0 descriptor too short (expected 35577, got 27)
[  786.428169][ T5922] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  786.440710][ T5922] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92
[  786.450245][ T5922] usb 1-1: config 1 has no interface number 0
[  786.467451][ T5922] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  786.488551][ T5922] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  786.506811][ T5922] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  786.520207][ T5922] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  786.574073][ T5922] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found
[  786.798821][ T5922] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now attached
[  786.929891][T11579] loop6: detected capacity change from 0 to 524288000
[  787.456523][  T967] usb 1-1: USB disconnect, device number 14
[  787.466460][  T967] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected
[  788.619810][T11616] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1466'.
[  789.809919][T11629] loop3: detected capacity change from 0 to 256
[  789.825808][T11629] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d)
[  789.855846][   T27] audit: type=1800 audit(1770745223.867:27): pid=11629 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1471" name="file2" dev="loop3" ino=1048692 res=0 errno=0
[  789.941464][   T27] audit: type=1800 audit(1770745223.899:28): pid=11629 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1471" name="file2" dev="loop3" ino=1048692 res=0 errno=0
[  790.286128][ T5922] usb 1-1: new full-speed USB device number 15 using dummy_hcd
[  790.474737][ T5922] usb 1-1: config 5 has an invalid interface number: 3 but max is 0
[  790.484105][ T5922] usb 1-1: config 5 has no interface number 0
[  790.525204][ T5922] usb 1-1: New USB device found, idVendor=09fb, idProduct=602a, bcdDevice=fd.36
[  790.535353][ T5922] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  790.572312][ T5922] usb 1-1: Product: syz
[  790.578928][ T5922] usb 1-1: Manufacturer: syz
[  790.594435][ T5922] usb 1-1: SerialNumber: syz
[  790.626532][ T5922] ftdi_sio 1-1:5.3: FTDI USB Serial Device converter detected
[  790.644039][ T5922] ftdi_sio ttyUSB0: unknown device type: 0xfd36
[  790.789379][T11647] loop3: detected capacity change from 0 to 4096
[  790.815284][T11647] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  792.127114][  T967] usb 1-1: USB disconnect, device number 15
[  792.146855][  T967] ftdi_sio 1-1:5.3: device disconnected
[  792.724735][ T5922] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  792.823574][T11668] loop0: detected capacity change from 0 to 512
[  792.857402][T11668] EXT4-fs error (device loop0): ext4_orphan_get:1398: inode #15: comm syz.0.1484: inode has both inline data and extents flags
[  792.892419][T11668] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.1484: couldn't read orphan inode 15 (err -117)
[  792.907219][T11668] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  792.919677][ T5922] usb 4-1: Using ep0 maxpacket: 16
[  792.937783][ T5922] usb 4-1: too many endpoints for config 0 interface 0 altsetting 3: 63, using maximum allowed: 30
[  792.949339][ T5922] usb 4-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  792.965258][ T5922] usb 4-1: config 0 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 63
[  792.983447][ T5922] usb 4-1: config 0 interface 0 has no altsetting 0
[  792.991801][ T5922] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00
[  793.002983][ T5922] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  793.051699][ T5922] usb 4-1: config 0 descriptor??
[  793.088653][ T5764] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  793.231322][T11672] loop0: detected capacity change from 0 to 1024
[  793.411560][ T7186] hfsplus: b-tree write err: -5, ino 8
[  793.474841][ T5922] lua 0003:1E7D:2C2E.0010: unknown main item tag 0x0
[  793.489492][ T5922] lua 0003:1E7D:2C2E.0010: unknown main item tag 0x0
[  793.505846][ T5922] lua 0003:1E7D:2C2E.0010: unknown main item tag 0x0
[  793.512651][ T5922] lua 0003:1E7D:2C2E.0010: unknown main item tag 0x0
[  793.524871][ T5922] lua 0003:1E7D:2C2E.0010: unknown main item tag 0x0
[  793.536955][ T5922] lua 0003:1E7D:2C2E.0010: hidraw0: USB HID v0.0b Device [HID 1e7d:2c2e] on usb-dummy_hcd.3-1/input0
[  793.718719][ T5922] usb 4-1: USB disconnect, device number 19
[  793.745357][T11675] loop0: detected capacity change from 0 to 4096
[  793.760832][T11675] EXT4-fs: Ignoring removed mblk_io_submit option
[  793.767603][T11675] EXT4-fs: Ignoring removed orlov option
[  793.830679][T11675] EXT4-fs (loop0): Test dummy encryption mode enabled
[  793.930393][T11675] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  794.059282][ T5764] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  797.134728][  T967] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  797.357939][  T967] usb 4-1: Using ep0 maxpacket: 8
[  797.365176][  T967] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  797.380331][  T967] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  797.400844][  T967] pvrusb2: Hardware description: Terratec Grabster AV400
[  797.409535][  T967] pvrusb2: **********
[  797.415095][  T967] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  797.426632][  T967] pvrusb2: Important functionality might not be entirely working.
[  797.435205][  T967] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  797.447140][  T967] pvrusb2: **********
[  797.606690][ T2315] pvrusb2: Invalid write control endpoint
[  797.728711][ T2315] pvrusb2: Invalid write control endpoint
[  797.734888][ T2315] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  797.764888][ T2315] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  797.772677][ T2315] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  797.783733][ T2315] pvrusb2: Device being rendered inoperable
[  797.803241][ T2315] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  797.810824][ T2315] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  797.811336][  T967] usb 4-1: USB disconnect, device number 20
[  797.847053][ T2315] pvrusb2: Attached sub-driver cx25840
[  797.853140][ T2315] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  797.868689][ T2315] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  798.116621][T11719] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1501'.
[  798.987587][T11731] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1504'.
[  800.631466][  T967] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  800.666088][T11738] loop0: detected capacity change from 0 to 256
[  800.696300][T11738] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  800.739688][T11738] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  800.849582][  T967] usb 4-1: Using ep0 maxpacket: 32
[  800.860698][  T967] usb 4-1: config 0 has an invalid interface number: 71 but max is 0
[  800.878538][  T967] usb 4-1: config 0 has no interface number 0
[  800.906835][  T967] usb 4-1: config 0 interface 71 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  800.935510][  T967] usb 4-1: config 0 interface 71 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  800.954618][  T967] usb 4-1: config 0 interface 71 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  800.978428][  T967] usb 4-1: config 0 interface 71 has no altsetting 0
[  800.992568][  T967] usb 4-1: New USB device found, idVendor=28bd, idProduct=0933, bcdDevice= 0.00
[  801.012087][  T967] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  801.032063][  T967] usb 4-1: config 0 descriptor??
[  801.210714][T11740] loop1: detected capacity change from 0 to 32768
[  801.219720][T11740] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.1508 (11740)
[  801.253959][T11740] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  801.268956][T11740] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  801.278150][T11740] BTRFS info (device loop1): using free space tree
[  801.384848][T11740] BTRFS info (device loop1): enabling ssd optimizations
[  801.391912][T11740] BTRFS info (device loop1): auto enabling async discard
[  801.463628][  T967] uclogic 0003:28BD:0933.0011: interface is invalid, ignoring
[  801.507123][ T5765] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  801.518340][ T5829] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  801.727095][ T5829] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  801.759475][ T5829] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  801.792635][ T5829] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  801.809054][  T967] usb 4-1: USB disconnect, device number 21
[  801.825576][ T5829] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  801.848175][ T5829] usb 1-1: config 0 descriptor??
[  802.083119][T11769] loop1: detected capacity change from 0 to 512
[  802.120799][T11770] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1512'.
[  802.148739][T11769] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  802.197753][T11769] ext4 filesystem being mounted at /420/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  802.275763][ T5829] cm6533_jd 0003:0D8C:0022.0012: unknown main item tag 0x0
[  802.285377][ T5829] cm6533_jd 0003:0D8C:0022.0012: item fetching failed at offset 4/5
[  802.286142][T11769] EXT4-fs error (device loop1): ext4_get_first_dir_block:3606: inode #12: comm syz.1.1513: directory missing '..'
[  802.296700][ T5829] cm6533_jd 0003:0D8C:0022.0012: parse failed
[  802.317049][ T5829] cm6533_jd: probe of 0003:0D8C:0022.0012 failed with error -22
[  802.405133][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  802.567973][T11785] loop1: detected capacity change from 0 to 128
[  802.590728][   T27] audit: type=1326 audit(1770745237.242:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11782 comm="syz.3.1518" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1e5ed9bf79 code=0x0
[  802.633125][T11785] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  802.657119][T11785] ext4 filesystem being mounted at /421/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  802.668991][T10609] usb 1-1: USB disconnect, device number 16
[  802.757978][ T5765] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  804.310355][T11801] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1522'.
[  805.178981][T11810] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1523'.
[  806.183197][T11819] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1526'.
[  808.641406][T11839] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1531'.
[  809.521346][T11830] loop1: detected capacity change from 0 to 32768
[  809.534398][T11830] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.1521 (11830)
[  809.562206][T11830] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  809.583185][T11830] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  809.602467][T11830] BTRFS info (device loop1): setting nodatacow, compression disabled
[  809.619607][T11830] BTRFS info (device loop1): force clearing of disk cache
[  809.651994][T11830] BTRFS info (device loop1): enabling ssd optimizations
[  809.658998][T11830] BTRFS info (device loop1): using spread ssd allocation scheme
[  809.688040][T11830] BTRFS info (device loop1): turning off barriers
[  809.697834][T11830] BTRFS info (device loop1): disabling free space tree
[  809.720360][T11830] BTRFS info (device loop1): not using ssd optimizations
[  809.727454][T11830] BTRFS info (device loop1): not using spread ssd allocation scheme
[  809.816923][T11830] BTRFS info (device loop1): rebuilding free space tree
[  809.885842][T11830] BTRFS info (device loop1): disabling free space tree
[  809.904685][T11830] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  809.927277][T11830] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  810.163764][ T5765] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  810.397475][T11869] loop3: detected capacity change from 0 to 512
[  810.422595][T11869] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  810.450373][T11869] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  810.461842][T11869] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  810.477437][T11869] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  810.492403][T11869] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  810.502194][T11869] System zones: 0-2, 18-18, 34-35
[  810.543694][T11869] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  810.774226][ T5762] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  812.402758][T11894] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1541'.
[  814.113330][T11909] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1545'.
[  815.586517][ T5922] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  815.767328][ T5922] usb 1-1: Using ep0 maxpacket: 32
[  815.785339][ T5922] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=67.fe
[  815.809053][ T5922] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  815.886101][ T5922] usb 1-1: Product: syz
[  815.897679][ T5922] usb 1-1: Manufacturer: syz
[  815.910091][ T5922] usb 1-1: SerialNumber: syz
[  815.925767][ T5922] usb 1-1: config 0 descriptor??
[  816.216513][ T5922] snd-usb-6fire 1-1:0.0: unknown device firmware state received from device:
[  816.234231][ T5922] 23 46 85 2e 41 85 9a 99 
[  816.238799][ T5922] snd-usb-6fire: probe of 1-1:0.0 failed with error -5
[  816.436835][ T5922] usb 1-1: USB disconnect, device number 17
[  816.604711][T11941] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1555'.
[  816.930240][T11944] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1554'.
[  818.390676][T11965] loop1: detected capacity change from 0 to 128
[  819.306210][T11983] loop1: detected capacity change from 0 to 256
[  819.315440][T11983] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  819.355096][T11983] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  820.632297][T12001] loop3: detected capacity change from 0 to 512
[  820.639810][T12001] EXT4-fs: Ignoring removed i_version option
[  820.665960][T12001] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  820.692118][T12001] EXT4-fs (loop3): 1 truncate cleaned up
[  820.709072][T12001] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  820.830452][ T5762] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  821.215342][  T967] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  821.996563][  T967] usb 1-1: Using ep0 maxpacket: 32
[  822.047521][  T967] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  822.059966][  T967] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  822.080078][  T967] usb 1-1: New USB device found, idVendor=258a, idProduct=0033, bcdDevice= 0.00
[  822.093946][  T967] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  822.106847][  T967] usb 1-1: config 0 descriptor??
[  822.538801][  T967] glorious 0003:258A:0033.0013: item fetching failed at offset 2/3
[  822.552694][  T967] glorious: probe of 0003:258A:0033.0013 failed with error -22
[  822.781492][  T967] usb 1-1: USB disconnect, device number 18
[  822.984220][T12023] loop3: detected capacity change from 0 to 131072
[  823.000880][T12023] F2FS-fs (loop3): Wrong CP boundary, start(512) end(1536) blocks(0)
[  823.009685][T12023] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  823.018997][T12023] F2FS-fs (loop3): invalid crc value
[  823.055212][T12023] F2FS-fs (loop3): Found nat_bits in checkpoint
[  823.109639][T12023] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  823.116803][T12023] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  823.952649][T12036] loop0: detected capacity change from 0 to 32768
[  823.963045][T12036] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.1586 (12036)
[  824.312368][T12036] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  824.398345][T12036] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  824.476188][T12036] BTRFS info (device loop0): using free space tree
[  824.569153][T12048] loop3: detected capacity change from 0 to 64
[  824.584922][T12048] hfs: unable to locate alternate MDB
[  824.615164][T12048] hfs: continuing without an alternate MDB
[  824.725391][T12043] loop1: detected capacity change from 0 to 32768
[  824.749080][T12043] XFS: ikeep mount option is deprecated.
[  824.803765][T12043] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  824.815396][T12036] BTRFS info (device loop0): enabling ssd optimizations
[  824.990677][T12036] BTRFS info (device loop0): auto enabling async discard
[  825.008310][T12043] XFS (loop1): Ending clean mount
[  825.065590][T12043] XFS (loop1): Quotacheck needed: Please wait.
[  825.178052][T12043] XFS (loop1): Quotacheck: Done.
[  825.467447][ T5765] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  826.704314][ T5764] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  830.072912][T12107] loop3: detected capacity change from 0 to 32768
[  830.088620][T12107] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.1604 (12107)
[  830.131874][T12107] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  830.149105][T12107] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  830.158067][T12107] BTRFS info (device loop3): using free space tree
[  830.217050][T12107] BTRFS info (device loop3): enabling ssd optimizations
[  830.229229][T12107] BTRFS info (device loop3): auto enabling async discard
[  830.311952][T12115] loop0: detected capacity change from 0 to 4096
[  830.368001][ T5762] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  830.589749][T12115] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  831.087110][T12115] ntfs3: loop0: Failed to initialize $Extend/$Reparse.
[  831.630268][   T27] audit: type=1800 audit(1770745267.728:30): pid=12115 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1595" name="file1" dev="loop0" ino=30 res=0 errno=0
[  831.677354][T12115] ntfs3: loop0: ino=1e, attr_set_size
[  831.880558][T12150] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1612'.
[  831.900728][T12150] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1612'.
[  831.906421][T12136] loop1: detected capacity change from 0 to 32768
[  832.040884][T12152] netlink: 'syz.3.1614': attribute type 9 has an invalid length.
[  832.218075][T12154] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  832.227918][T12154] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  832.280355][T12154] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1615'.
[  833.416929][T12171] loop0: detected capacity change from 0 to 512
[  833.483584][T12164] loop3: detected capacity change from 0 to 32768
[  833.489308][T12171] EXT4-fs (loop0): Test dummy encryption mode enabled
[  833.531645][T12164] JBD2: Ignoring recovery information on journal
[  833.575470][T12164] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  833.606700][T12171] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  833.731175][ T5762] ocfs2: Unmounting device (7,3) on (node local)
[  833.738472][T12171] EXT4-fs error (device loop0): ext4_orphan_get:1424: comm syz.0.1620: bad orphan inode 131083
[  833.758200][T12171] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  833.984510][T12171] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  834.073978][ T5764] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  834.397517][T12185] loop3: detected capacity change from 0 to 32768
[  834.410876][T12185] XFS: ikeep mount option is deprecated.
[  834.466318][T12185] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  834.535056][T12185] XFS (loop3): Ending clean mount
[  834.545208][T12185] XFS (loop3): Quotacheck needed: Please wait.
[  834.612852][T12185] XFS (loop3): Quotacheck: Done.
[  834.726028][ T5762] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  836.546961][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  836.554423][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  837.195287][T12217] loop1: detected capacity change from 0 to 256
[  837.236377][T12217] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0xc0e7db9a, utbl_chksum : 0xe619d30d)
[  837.249519][T12217] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  837.300384][   T27] audit: type=1800 audit(1770745273.680:31): pid=12217 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1639" name="file2" dev="loop1" ino=1048695 res=0 errno=0
[  837.377952][T12221] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1633'.
[  837.399401][ T5829] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  838.733175][ T5829] usb 4-1: Using ep0 maxpacket: 8
[  838.745139][ T5829] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  838.755964][ T5829] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  838.766184][ T5829] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  838.781815][ T5829] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  838.792280][ T5829] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  838.806906][ T5829] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  838.816365][ T5829] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  839.033687][ T5829] usb 4-1: GET_CAPABILITIES returned 0
[  839.039406][ T5829] usbtmc 4-1:16.0: can't read capabilities
[  839.618031][T12215] usb 4-1: usbtmc_ioctl_clear_in_halt returned -32
[  839.682398][ T5829] usb 4-1: USB disconnect, device number 22
[  840.366585][T12256] loop0: detected capacity change from 0 to 4096
[  840.400140][T12256] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512).
[  840.585631][ T5922] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  840.783561][ T5922] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  840.793234][ T5922] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  840.803566][ T5922] usb 4-1: config 0 descriptor??
[  840.812341][ T5922] cp210x 4-1:0.0: cp210x converter detected
[  840.905214][ T5829] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  842.755147][ T5922] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32
[  842.771843][ T5922] usb 4-1: cp210x converter now attached to ttyUSB0
[  842.805468][ T5829] usb 1-1: Using ep0 maxpacket: 32
[  842.820702][ T5829] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  842.837368][ T5829] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  842.855843][ T5829] usb 1-1: config 0 descriptor??
[  842.977867][ T5809] usb 4-1: USB disconnect, device number 23
[  842.998498][ T5809] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  843.028555][ T5809] cp210x 4-1:0.0: device disconnected
[  843.069220][ T5829] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  843.111302][ T5829] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  843.171787][ T5829] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  843.206340][ T5829] usb 1-1: media controller created
[  843.283756][ T5829] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  843.322176][ T5829] az6027: usb out operation failed. (-71)
[  843.339114][ T5829] az6027: usb out operation failed. (-71)
[  843.351827][ T5829] stb0899_attach: Driver disabled by Kconfig
[  843.358242][ T5829] az6027: no front-end attached
[  843.358242][ T5829] 
[  843.371101][ T5829] az6027: usb out operation failed. (-71)
[  843.376945][ T5829] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  843.385938][ T5829] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input13
[  843.420132][ T5829] dvb-usb: schedule remote query interval to 400 msecs.
[  843.427084][ T5829] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  843.465709][ T5829] usb 1-1: USB disconnect, device number 19
[  843.675347][ T5829] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  844.275352][ T5922] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  844.486782][ T5922] usb 1-1: Using ep0 maxpacket: 8
[  844.502939][ T5922] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  844.515774][ T5922] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  844.538199][ T5922] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  844.592721][ T5922] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  844.678834][ T5922] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  844.713246][ T5922] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  844.724166][ T5922] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  844.972540][ T5922] usb 1-1: GET_CAPABILITIES returned 0
[  844.985872][ T5922] usbtmc 1-1:16.0: can't read capabilities
[  846.029014][ T5809] usb 1-1: USB disconnect, device number 20
[  846.300096][ T5922] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  846.461426][T12308] loop1: detected capacity change from 0 to 4096
[  846.500222][T12308] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  846.540341][ T5922] usb 4-1: New USB device found, idVendor=2c42, idProduct=1602, bcdDevice=da.64
[  846.559005][ T5922] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  846.612809][ T5922] usb 4-1: Product: syz
[  846.617031][ T5922] usb 4-1: Manufacturer: syz
[  846.662385][ T5922] usb 4-1: SerialNumber: syz
[  846.698364][ T5922] usb 4-1: config 0 descriptor??
[  846.713192][ T5922] hub 4-1:0.0: bad descriptor, ignoring hub
[  846.734420][ T5922] hub: probe of 4-1:0.0 failed with error -5
[  846.746727][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  846.764595][ T5922] f81232 4-1:0.0: f81534a converter detected
[  846.903879][ T5922] usb 4-1: f81534a converter now attached to ttyUSB0
[  847.139487][T12313] loop1: detected capacity change from 0 to 4096
[  847.204452][T12315] loop0: detected capacity change from 0 to 4096
[  847.239718][ T5809] usb 4-1: USB disconnect, device number 24
[  847.269371][T12315] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  847.279856][ T5809] f81534a ttyUSB0: f81534a converter now disconnected from ttyUSB0
[  847.305521][ T5809] f81232 4-1:0.0: device disconnected
[  851.160698][T12364] option changes via remount are deprecated (pid=12363 comm=syz.1.1687)
[  853.156299][T12385] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  853.170233][T12385] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  853.386490][ T5769] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  853.551716][T12396] loop1: detected capacity change from 0 to 736
[  853.598674][ T5769] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  853.638505][ T5769] usb 1-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00
[  853.660990][ T5769] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  853.675385][ T5769] usb 1-1: config 0 descriptor??
[  854.110636][ T5769] steelseries 0003:1038:12B6.0014: unknown main item tag 0x0
[  854.132539][ T5769] steelseries 0003:1038:12B6.0014: unknown main item tag 0x0
[  854.155414][ T5769] steelseries 0003:1038:12B6.0014: unknown main item tag 0x0
[  854.174319][ T5769] steelseries 0003:1038:12B6.0014: unknown main item tag 0x0
[  854.181778][ T5769] steelseries 0003:1038:12B6.0014: unknown main item tag 0x0
[  854.185649][T12403] loop1: detected capacity change from 0 to 4096
[  854.212747][ T5769] steelseries 0003:1038:12B6.0014: unknown main item tag 0x0
[  854.246191][ T5769] steelseries 0003:1038:12B6.0014: hidraw0: USB HID vff.fc Device [HID 1038:12b6] on usb-dummy_hcd.0-1/input0
[  854.615922][ T5922] usb 1-1: USB disconnect, device number 21
[  854.922725][T12412] loop1: detected capacity change from 0 to 32768
[  855.002481][T12412] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  855.127455][T12412] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  855.167852][T12412] CIFS mount error: No usable UNC path provided in device string!
[  855.167852][T12412] 
[  855.187003][T12412] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  855.197309][T12425] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1711'.
[  855.328290][ T5765] ocfs2: Unmounting device (7,1) on (node local)
[  856.284559][T12445] loop1: detected capacity change from 0 to 40427
[  856.300452][T12445] F2FS-fs (loop1): Invalid SB checksum offset: 0
[  856.333927][T12445] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  856.360081][T12445] F2FS-fs (loop1): invalid crc value
[  856.532062][T12445] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  856.565678][T12445] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  857.379442][T12475] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1728'.
[  861.851174][T12510] loop3: detected capacity change from 0 to 4096
[  862.113216][T12528] loop3: detected capacity change from 0 to 256
[  862.213124][T12528] FAT-fs (loop3): Directory bread(block 64) failed
[  862.229913][T12528] FAT-fs (loop3): Directory bread(block 65) failed
[  862.249811][T12528] FAT-fs (loop3): Directory bread(block 66) failed
[  862.257187][T12528] FAT-fs (loop3): Directory bread(block 67) failed
[  862.264712][T12528] FAT-fs (loop3): Directory bread(block 68) failed
[  862.272014][T12528] FAT-fs (loop3): Directory bread(block 69) failed
[  862.278810][T12528] FAT-fs (loop3): Directory bread(block 70) failed
[  862.288538][T12528] FAT-fs (loop3): Directory bread(block 71) failed
[  862.295953][T12528] FAT-fs (loop3): Directory bread(block 72) failed
[  862.310864][T12528] FAT-fs (loop3): Directory bread(block 73) failed
[  862.376266][T10609] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  862.569445][T10609] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  862.583646][T10609] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  862.603773][T10609] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  862.618315][T10609] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  862.627452][T10609] usb 1-1: SerialNumber: syz
[  862.791708][T12540] loop3: detected capacity change from 0 to 512
[  862.857131][T10609] usb 1-1: 0:2 : does not exist
[  862.873230][T12540] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  862.890403][T12536] loop1: detected capacity change from 0 to 32768
[  862.903035][T12536] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1753 (12536)
[  862.926986][T12536] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  862.937385][T12536] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  862.939156][T12540] ext4 filesystem being mounted at /500/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  862.946141][T12536] BTRFS info (device loop1): max_inline at 0
[  862.962784][T12536] BTRFS info (device loop1): setting nodatasum
[  862.969053][T12536] BTRFS info (device loop1): enabling auto defrag
[  862.975495][T12536] BTRFS info (device loop1): turning on async discard
[  862.982512][T12536] BTRFS info (device loop1): max_inline at 0
[  862.988593][T12536] BTRFS info (device loop1): using free space tree
[  863.006269][T12543] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  863.081779][T10609] usb 1-1: USB disconnect, device number 22
[  863.119820][T12540] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28
[  863.158088][T12540] EXT4-fs (loop3): This should not happen!! Data will be lost
[  863.158088][T12540] 
[  863.174982][T10400] udevd[10400]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  863.190166][T12540] EXT4-fs (loop3): Total free blocks count 0
[  863.197239][T12540] EXT4-fs (loop3): Free/Dirty block details
[  863.203220][T12540] EXT4-fs (loop3): free_blocks=65280
[  863.223043][T12536] BTRFS info (device loop1): enabling ssd optimizations
[  863.234594][T12540] EXT4-fs (loop3): dirty_blocks=23
[  863.239764][T12540] EXT4-fs (loop3): Block reservation details
[  863.283273][T12540] EXT4-fs (loop3): i_reserved_data_blocks=23
[  863.371853][   T27] audit: type=1800 audit(2000000017.269:32): pid=12536 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1753" name="file2" dev="loop1" ino=261 res=0 errno=0
[  863.414070][ T5762] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  863.486748][ T5765] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  863.541448][T12563] loop3: detected capacity change from 0 to 64
[  863.773350][T10400] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 10 /dev/loop1 scanned by udevd (10400)
[  864.470121][T12567] loop1: detected capacity change from 0 to 32768
[  864.497865][T12567] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  864.518487][T12567] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  864.539376][T12567] BTRFS info (device loop1): using free space tree
[  864.603462][T12537] CIFS mount error: No usable UNC path provided in device string!
[  864.603462][T12537] 
[  864.628903][T12537] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  864.710799][T12567] BTRFS info (device loop1): enabling ssd optimizations
[  864.717806][T12567] BTRFS info (device loop1): auto enabling async discard
[  864.959346][T12605] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1765'.
[  865.837205][ T5765] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  866.199380][T12616] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  866.332335][T12616] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  866.371568][T12617] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1770'.
[  867.685909][T12641] loop0: detected capacity change from 0 to 1024
[  867.927245][T12644] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1781'.
[  867.931137][ T7186] hfsplus: b-tree write err: -5, ino 3
[  868.221358][T12654] macvtap1: entered promiscuous mode
[  868.227249][T12654] dummy0: entered promiscuous mode
[  868.247860][T12654] team0: Device macvtap1 failed to register rx_handler
[  868.268383][T12654] dummy0: left promiscuous mode
[  868.340852][T12658] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1787'.
[  868.350910][T12658] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1787'.
[  868.514471][T12663] loop3: detected capacity change from 0 to 4096
[  868.557080][T12667] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  868.604474][   T27] audit: type=1800 audit(2000000022.759:33): pid=12663 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1789" name="file2" dev="loop3" ino=16 res=0 errno=0
[  868.645765][   T27] audit: type=1800 audit(2000000022.801:34): pid=12663 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1789" name="file2" dev="loop3" ino=16 res=0 errno=0
[  868.677667][T12670] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  868.688665][T12670] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  869.032193][T12676] mkiss: ax0: crc mode is auto.
[  869.050024][T12679] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  869.059909][T12679] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  869.085820][T12679] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1795'.
[  869.369309][T12685] macvtap1: entered promiscuous mode
[  869.401771][T12685] dummy0: entered promiscuous mode
[  869.419875][T12685] team0: Device macvtap1 failed to register rx_handler
[  869.446647][T12685] dummy0: left promiscuous mode
[  869.800830][T12693] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  869.811018][T12693] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  870.188182][T12705] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  870.215556][T12705] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  870.238764][T12705] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1804'.
[  870.515706][T12710] kvm: kvm [12709]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010004) = 0xffffffffffffffff
[  870.936155][T12725] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  870.950590][T12725] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  870.984748][T12727] loop0: detected capacity change from 0 to 1024
[  871.017602][T12728] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1814'.
[  871.188311][T12734] loop3: detected capacity change from 0 to 1024
[  871.254666][T12734] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  871.288468][T12734] ext4 filesystem being mounted at /530/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  871.445531][T12734] EXT4-fs error (device loop3): ext4_map_blocks:718: inode #15: comm syz.3.1819: lblock 0 mapped to illegal pblock 0 (length 1)
[  871.484680][T12734] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  871.502090][T12734] EXT4-fs (loop3): This should not happen!! Data will be lost
[  871.502090][T12734] 
[  871.515024][T12734] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #15: comm syz.3.1819: lblock 0 mapped to illegal pblock 0 (length 1)
[  871.573912][ T5762] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  872.373269][   T27] audit: type=1326 audit(2000000026.717:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12769 comm="syz.0.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85cb9bf79 code=0x7ffc0000
[  872.407829][   T27] audit: type=1326 audit(2000000026.717:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12769 comm="syz.0.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85cb9bf79 code=0x7ffc0000
[  872.450487][   T27] audit: type=1326 audit(2000000026.727:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12769 comm="syz.0.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc85cb9bf79 code=0x7ffc0000
[  872.487181][   T27] audit: type=1326 audit(2000000026.727:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12769 comm="syz.0.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85cb9bf79 code=0x7ffc0000
[  872.542460][   T27] audit: type=1326 audit(2000000026.727:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12769 comm="syz.0.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7fc85cb9bf79 code=0x7ffc0000
[  872.577079][   T27] audit: type=1326 audit(2000000026.727:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12769 comm="syz.0.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85cb9bf79 code=0x7ffc0000
[  872.839989][T12772] loop3: detected capacity change from 0 to 40427
[  872.861716][T12772] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  872.871867][T12772] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  872.884600][T12772] F2FS-fs (loop3): heap/no_heap options were deprecated
[  872.897186][T12772] F2FS-fs (loop3): invalid crc value
[  872.914958][T12772] F2FS-fs (loop3): Found nat_bits in checkpoint
[  872.968494][T12772] F2FS-fs (loop3): Start checkpoint disabled!
[  872.985115][T12772] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  872.992778][T12772] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  873.294575][T12778] syz.3.1833: attempt to access beyond end of device
[  873.294575][T12778] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  873.465574][T12774] loop0: detected capacity change from 0 to 32768
[  873.562621][ T7178] kworker/u4:13: attempt to access beyond end of device
[  873.562621][ T7178] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  873.596606][ T7178] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  873.617379][ T7178] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  873.635375][T12774] XFS (loop0): Invalid device [./file0], error=-6
[  874.060838][T12792] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1840'.
[  874.073457][T12790] loop3: detected capacity change from 0 to 512
[  874.106888][T12790] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  874.130485][T12790] EXT4-fs (loop3): invalid journal inode
[  874.136602][T12790] EXT4-fs (loop3): can't get journal size
[  874.184467][T12794] program syz.1.1841 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  874.212468][T12790] EXT4-fs (loop3): 1 truncate cleaned up
[  874.220485][T12790] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  874.466753][ T5762] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  874.867010][T12800] loop1: detected capacity change from 0 to 40427
[  874.902157][T12800] F2FS-fs (loop1): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[  874.922931][T12800] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  874.940814][T12800] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x35f7
[  874.949010][T12800] F2FS-fs (loop1): build fault injection attr: rate: 690, type: 0x7ffff
[  874.959541][T12800] F2FS-fs (loop1): Image doesn't support compression
[  874.995546][T12800] F2FS-fs (loop1): invalid crc value
[  875.019634][T12800] F2FS-fs (loop1): Found nat_bits in checkpoint
[  875.085991][T12815] netlink: 276 bytes leftover after parsing attributes in process `syz.2.1848'.
[  875.116262][T12800] F2FS-fs (loop1): Start checkpoint disabled!
[  875.118140][T12798] loop0: detected capacity change from 0 to 40427
[  875.136435][T12800] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  875.149776][T12800] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  875.156805][T12798] F2FS-fs (loop0): invalid crc value
[  875.199560][T12798] F2FS-fs (loop0): Found nat_bits in checkpoint
[  875.245275][ T5922] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  875.253079][T12800] syz.1.1842: attempt to access beyond end of device
[  875.253079][T12800] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  875.298109][T12800] F2FS-fs (loop1): inject no more block in inc_valid_node_count of f2fs_new_node_page+0x187/0x910
[  875.426252][ T5922] usb 4-1: Using ep0 maxpacket: 16
[  875.433080][ T5922] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  875.445556][ T5922] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  875.454660][ T6652] kworker/u4:11: attempt to access beyond end of device
[  875.454660][ T6652] loop1: rw=1, sector=45104, nr_sectors = 8 limit=40427
[  875.472121][ T6652] kworker/u4:11: attempt to access beyond end of device
[  875.472121][ T6652] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  875.480862][ T5922] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  875.499509][ T5922] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  875.501976][ T6652] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  875.511032][ T5922] usb 4-1: Product: syz
[  875.515202][ T6652] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  875.526072][T12798] F2FS-fs (loop0): Start checkpoint disabled!
[  875.549545][ T5922] usb 4-1: Manufacturer: syz
[  875.554877][ T5922] usb 4-1: SerialNumber: syz
[  875.603662][T12798] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  875.969404][ T5922] usb 4-1: 0:2 : does not exist
[  875.977278][ T7178] kworker/u4:13: attempt to access beyond end of device
[  875.977278][ T7178] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  875.992605][ T7178] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  876.002510][ T7178] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  876.362221][ T5922] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  876.374262][T12838] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1858'.
[  876.402632][ T5922] usb 4-1: USB disconnect, device number 25
[  876.441552][T10400] udevd[10400]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  876.523870][T12840] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  876.532704][T12840] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  876.546165][T12840] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1859'.
[  877.253137][T12855] loop3: detected capacity change from 0 to 32768
[  877.285157][T12855] JBD2: Ignoring recovery information on journal
[  877.348413][T12855] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  877.495933][ T5762] ocfs2: Unmounting device (7,3) on (node local)
[  877.700557][T12862] netlink: 'syz.0.1867': attribute type 3 has an invalid length.
[  877.778755][T12861] lo speed is unknown, defaulting to 1000
[  878.612743][T12870] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1869'.
[  879.171767][T12887] syz.1.1875 uses obsolete (PF_INET,SOCK_PACKET)
[  879.392052][T12890] input: syz0 as /devices/virtual/input/input14
[  879.412000][T12890] input: failed to attach handler leds to device input14, error: -6
[  880.225457][T12905] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1880'.
[  880.862634][T12911] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  880.873327][T12911] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  880.909535][T12911] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1882'.
[  881.004412][T12915] loop3: detected capacity change from 0 to 2048
[  881.061104][T12915] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  881.149427][ T5762] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  881.156124][T12913] loop0: detected capacity change from 0 to 4096
[  881.211655][T12913] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  881.408510][   T27] audit: type=1800 audit(2000000036.197:41): pid=12913 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1883" name="file1" dev="loop0" ino=33 res=0 errno=0
[  881.439699][   T27] audit: type=1800 audit(2000000036.228:42): pid=12913 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1883" name="file3" dev="loop0" ino=31 res=0 errno=0
[  881.865989][T12937] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1891'.
[  881.884589][T10609] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  882.527490][T12941] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1892'.
[  882.588042][T12943] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  882.603639][T12943] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  882.625000][T12943] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1893'.
[  882.649506][T10609] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  882.660047][T10609] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  882.680279][T10609] usb 4-1: config 0 descriptor??
[  882.691404][T10609] cp210x 4-1:0.0: cp210x converter detected
[  882.817967][T12949] loop1: detected capacity change from 0 to 1764
[  883.107377][T10609] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32
[  883.131500][T10609] usb 4-1: cp210x converter now attached to ttyUSB0
[  883.212154][ T7215] Bluetooth: hci4: Frame reassembly failed (-84)
[  883.342541][T12967] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1901'.
[  883.368337][  T967] usb 4-1: USB disconnect, device number 26
[  883.379223][  T967] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  883.395511][  T967] cp210x 4-1:0.0: device disconnected
[  883.440430][T12972] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1902'.
[  883.648090][T12977] syzkaller1: entered promiscuous mode
[  883.653756][T12977] syzkaller1: entered allmulticast mode
[  883.929346][T12985] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  883.945344][T12985] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  883.961073][T12985] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1907'.
[  884.075640][  T967] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  884.265875][  T967] usb 1-1: Using ep0 maxpacket: 16
[  884.278715][  T967] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  884.302639][  T967] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  884.323075][  T967] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  884.343788][  T967] usb 1-1: config 0 descriptor??
[  884.447666][T13003] lo speed is unknown, defaulting to 1000
[  884.618825][T13001] loop3: detected capacity change from 0 to 32768
[  884.665114][T13001] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  884.755523][T13001] XFS (loop3): Ending clean mount
[  884.767911][T13001] XFS (loop3): Quotacheck needed: Please wait.
[  884.791698][  T967] mcp2221 0003:04D8:00DD.0015: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0
[  884.847348][T13001] XFS (loop3): Quotacheck: Done.
[  884.876771][T13001] XFS (loop3): User initiated shutdown received.
[  884.909195][T13001] XFS (loop3): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:497).  Shutting down filesystem.
[  884.940919][T13001] XFS (loop3): Please unmount the filesystem and rectify the problem(s)
[  885.008633][ T5762] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  885.152193][T12965] Bluetooth: hci4: command 0x1003 tx timeout
[  885.161452][ T8456] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  885.334015][ T5829] usb 1-1: USB disconnect, device number 23
[  885.701816][T13027] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  885.713789][T13027] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  885.741292][T13027] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1919'.
[  886.868092][T13025] loop1: detected capacity change from 0 to 32768
[  887.002944][T13039] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  888.749093][T13071] loop1: detected capacity change from 0 to 32768
[  888.755809][  T967] usb 1-1: new full-speed USB device number 24 using dummy_hcd
[  888.824211][T13071] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  888.858131][T13071] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  888.886074][ T6652] (kworker/u4:11,6652,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=312, inode=13845347915746889, rec_len=25793, name_len=214
[  888.889788][T13071] 
[  888.906556][T13071] ======================================================
[  888.913585][T13071] WARNING: possible circular locking dependency detected
[  888.920719][T13071] syzkaller #0 Not tainted
[  888.925151][T13071] ------------------------------------------------------
[  888.932178][T13071] syz.1.1929/13071 is trying to acquire lock:
[  888.938254][T13071] ffff888047d44e38 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_init_acl+0x30a/0x770
[  888.947604][T13071] 
[  888.947604][T13071] but task is already holding lock:
[  888.954976][T13071] ffff88802fe464e8 (&journal->j_trans_barrier){.+.+}-{3:3}, at: ocfs2_start_trans+0x3a8/0x6f0
[  888.965328][T13071] 
[  888.965328][T13071] which lock already depends on the new lock.
[  888.965328][T13071] 
[  888.975714][T13071] 
[  888.975714][T13071] the existing dependency chain (in reverse order) is:
[  888.984710][T13071] 
[  888.984710][T13071] -> #4 (&journal->j_trans_barrier){.+.+}-{3:3}:
[  888.993212][T13071]        down_read+0x46/0x2e0
[  888.997891][T13071]        ocfs2_start_trans+0x3a8/0x6f0
[  889.003350][T13071]        ocfs2_shutdown_local_alloc+0x1fc/0xaa0
[  889.009584][T13071]        ocfs2_dismount_volume+0x1e5/0x8a0
[  889.015383][T13071]        generic_shutdown_super+0x134/0x2b0
[  889.021276][T13071]        kill_block_super+0x44/0x90
[  889.026470][T13071]        deactivate_locked_super+0x97/0x100
[  889.032353][T13071]        cleanup_mnt+0x43b/0x4d0
[  889.037305][T13071]        task_work_run+0x1d4/0x260
[  889.042412][T13071]        exit_to_user_mode_loop+0xe6/0x110
[  889.048212][T13071]        exit_to_user_mode_prepare+0xee/0x180
[  889.054281][T13071]        syscall_exit_to_user_mode+0x1a/0x50
[  889.060262][T13071]        do_syscall_64+0x61/0xa0
[  889.065191][T13071]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  889.071592][T13071] 
[  889.071592][T13071] -> #3 (sb_internal#5){.+.+}-{0:0}:
[  889.079143][T13071]        ocfs2_start_trans+0x2a9/0x6f0
[  889.084592][T13071]        ocfs2_mknod+0xf1d/0x2300
[  889.089604][T13071]        ocfs2_create+0x196/0x430
[  889.094630][T13071]        path_openat+0x12a0/0x3230
[  889.099730][T13071]        do_filp_open+0x1f5/0x430
[  889.104740][T13071]        do_sys_openat2+0x134/0x1d0
[  889.109928][T13071]        __x64_sys_openat+0x139/0x160
[  889.115286][T13071]        do_syscall_64+0x55/0xa0
[  889.120218][T13071]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  889.126619][T13071] 
[  889.126619][T13071] -> #2 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{3:3}:
[  889.137124][T13071]        down_write+0x97/0x200
[  889.141878][T13071]        ocfs2_reserve_local_alloc_bits+0x120/0x2600
[  889.148543][T13071]        ocfs2_reserve_clusters_with_limit+0x1ba/0xc20
[  889.155388][T13071]        ocfs2_mknod+0xebb/0x2300
[  889.160413][T13071]        ocfs2_create+0x196/0x430
[  889.165428][T13071]        path_openat+0x12a0/0x3230
[  889.170524][T13071]        do_filp_open+0x1f5/0x430
[  889.175537][T13071]        do_sys_openat2+0x134/0x1d0
[  889.180749][T13071]        __x64_sys_openat+0x139/0x160
[  889.186109][T13071]        do_syscall_64+0x55/0xa0
[  889.191052][T13071]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  889.197485][T13071] 
[  889.197485][T13071] -> #1 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}:
[  889.208002][T13071]        down_write+0x97/0x200
[  889.212761][T13071]        ocfs2_reserve_suballoc_bits+0x16e/0x44c0
[  889.219285][T13071]        ocfs2_reserve_new_metadata_blocks+0x416/0x9a0
[  889.226127][T13071]        ocfs2_init_xattr_set_ctxt+0x30b/0x710
[  889.232273][T13071]        ocfs2_xattr_set+0xc3f/0x13e0
[  889.237635][T13071]        __vfs_setxattr+0x431/0x470
[  889.242846][T13071]        __vfs_setxattr_noperm+0x12d/0x5e0
[  889.248644][T13071]        vfs_setxattr+0x16b/0x2f0
[  889.253665][T13071]        path_setxattr+0x3f3/0x5d0
[  889.258769][T13071]        __x64_sys_lsetxattr+0xb8/0xd0
[  889.264219][T13071]        do_syscall_64+0x55/0xa0
[  889.269146][T13071]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  889.275581][T13071] 
[  889.275581][T13071] -> #0 (&oi->ip_xattr_sem){++++}-{3:3}:
[  889.283408][T13071]        __lock_acquire+0x2df1/0x7d40
[  889.288771][T13071]        lock_acquire+0x19e/0x420
[  889.293781][T13071]        down_read+0x46/0x2e0
[  889.298476][T13071]        ocfs2_init_acl+0x30a/0x770
[  889.303698][T13071]        ocfs2_mknod+0x140f/0x2300
[  889.308828][T13071]        ocfs2_create+0x196/0x430
[  889.313863][T13071]        path_openat+0x12a0/0x3230
[  889.318971][T13071]        do_filp_open+0x1f5/0x430
[  889.323993][T13071]        do_sys_openat2+0x134/0x1d0
[  889.329190][T13071]        __x64_sys_openat+0x139/0x160
[  889.334566][T13071]        do_syscall_64+0x55/0xa0
[  889.339502][T13071]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  889.345914][T13071] 
[  889.345914][T13071] other info that might help us debug this:
[  889.345914][T13071] 
[  889.356130][T13071] Chain exists of:
[  889.356130][T13071]   &oi->ip_xattr_sem --> sb_internal#5 --> &journal->j_trans_barrier
[  889.356130][T13071] 
[  889.370028][T13071]  Possible unsafe locking scenario:
[  889.370028][T13071] 
[  889.377461][T13071]        CPU0                    CPU1
[  889.382826][T13071]        ----                    ----
[  889.388185][T13071]   rlock(&journal->j_trans_barrier);
[  889.393555][T13071]                                lock(sb_internal#5);
[  889.400319][T13071]                                lock(&journal->j_trans_barrier);
[  889.408113][T13071]   rlock(&oi->ip_xattr_sem);
[  889.412780][T13071] 
[  889.412780][T13071]  *** DEADLOCK ***
[  889.412780][T13071] 
[  889.420907][T13071] 8 locks held by syz.1.1929/13071:
[  889.426086][T13071]  #0: ffff888054ffe418 (sb_writers#42){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  889.435314][T13071]  #1: ffff888047d45118 (&type->i_mutex_dir_key#28){+.+.}-{3:3}, at: path_openat+0x7dc/0x3230
[  889.445585][T13071]  #2: ffff888047cd6d98 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#4){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x16e/0x44c0
[  889.459258][T13071]  #3: ffff888047cd1818 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x16e/0x44c0
[  889.472930][T13071]  #4: ffff88805f0109d8 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{3:3}, at: ocfs2_reserve_local_alloc_bits+0x120/0x2600
[  889.486843][T13071]  #5: ffff888054ffe608 (sb_internal#5){.+.+}-{0:0}, at: ocfs2_mknod+0xf1d/0x2300
[  889.496063][T13071]  #6: ffff88802fe464e8 (&journal->j_trans_barrier){.+.+}-{3:3}, at: ocfs2_start_trans+0x3a8/0x6f0
[  889.506749][T13071]  #7: ffff88802640a990 (jbd2_handle#2){.+.+}-{0:0}, at: start_this_handle+0x1f7a/0x21c0
[  889.516580][T13071] 
[  889.516580][T13071] stack backtrace:
[  889.522462][T13071] CPU: 0 PID: 13071 Comm: syz.1.1929 Not tainted syzkaller #0
[  889.529905][T13071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  889.539965][T13071] Call Trace:
[  889.543596][T13071]  <TASK>
[  889.546525][T13071]  dump_stack_lvl+0x18c/0x250
[  889.551376][T13071]  ? load_image+0x400/0x400
[  889.555872][T13071]  ? show_regs_print_info+0x20/0x20
[  889.561068][T13071]  ? print_circular_bug+0x12b/0x1a0
[  889.566273][T13071]  check_noncircular+0x2fc/0x400
[  889.571292][T13071]  ? print_deadlock_bug+0x5d0/0x5d0
[  889.576743][T13071]  ? _find_first_zero_bit+0xd3/0x100
[  889.582029][T13071]  ? add_lock_to_list+0x191/0x280
[  889.587050][T13071]  __lock_acquire+0x2df1/0x7d40
[  889.591898][T13071]  ? verify_lock_unused+0x140/0x140
[  889.597094][T13071]  ? __lock_acquire+0x7d40/0x7d40
[  889.602109][T13071]  ? do_raw_spin_lock+0x11f/0x2c0
[  889.607128][T13071]  lock_acquire+0x19e/0x420
[  889.611619][T13071]  ? ocfs2_init_acl+0x30a/0x770
[  889.616468][T13071]  ? __might_sleep+0xe0/0xe0
[  889.621047][T13071]  ? read_lock_is_recursive+0x20/0x20
[  889.626409][T13071]  ? trace_ocfs2_claim_new_inode_at_loc+0x1c0/0x1c0
[  889.632991][T13071]  ? mark_lock+0x94/0x320
[  889.637312][T13071]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  889.643286][T13071]  down_read+0x46/0x2e0
[  889.647434][T13071]  ? ocfs2_init_acl+0x30a/0x770
[  889.652281][T13071]  ocfs2_init_acl+0x30a/0x770
[  889.656953][T13071]  ? ocfs2_mknod_locked+0x159/0x290
[  889.662141][T13071]  ? ocfs2_acl_chmod+0x330/0x330
[  889.667084][T13071]  ? dquot_alloc_inode+0x211/0xa40
[  889.672191][T13071]  ? ocfs2_block_signals+0x9b/0xe0
[  889.677299][T13071]  ? ocfs2_free_mem_caches+0x50/0x50
[  889.682582][T13071]  ? mark_lock+0x94/0x320
[  889.686902][T13071]  ? ocfs2_init_security_get+0x139/0x1a0
[  889.692524][T13071]  ocfs2_mknod+0x140f/0x2300
[  889.697120][T13071]  ? ocfs2_mkdir+0x430/0x430
[  889.701709][T13071]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  889.707613][T13071]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  889.713520][T13071]  ? ocfs2_inode_unlock+0xa5/0x140
[  889.718638][T13071]  ? __lock_acquire+0x7d40/0x7d40
[  889.723656][T13071]  ? __rwlock_init+0x150/0x150
[  889.728413][T13071]  ? do_raw_spin_unlock+0x121/0x230
[  889.733610][T13071]  ? rcu_is_watching+0x15/0xb0
[  889.738364][T13071]  ? ocfs2_lookup+0x494/0x950
[  889.743036][T13071]  ocfs2_create+0x196/0x430
[  889.747529][T13071]  ? ocfs2_update_inode_fsync_trans+0x240/0x240
[  889.753763][T13071]  ? from_kgid+0x16d/0x690
[  889.758171][T13071]  ? ocfs2_lookup+0x950/0x950
[  889.762841][T13071]  ? HAS_UNMAPPED_ID+0x11a/0x180
[  889.767780][T13071]  ? inode_permission+0xf3/0x480
[  889.772712][T13071]  ? bpf_lsm_inode_create+0x9/0x10
[  889.777809][T13071]  ? security_inode_create+0xb7/0x100
[  889.783202][T13071]  ? ocfs2_lookup+0x950/0x950
[  889.787871][T13071]  path_openat+0x12a0/0x3230
[  889.792461][T13071]  ? do_filp_open+0x430/0x430
[  889.797130][T13071]  ? __virt_addr_valid+0x18c/0x540
[  889.802238][T13071]  do_filp_open+0x1f5/0x430
[  889.806736][T13071]  ? vfs_tmpfile+0x490/0x490
[  889.811320][T13071]  ? _raw_spin_unlock+0x28/0x40
[  889.816172][T13071]  ? alloc_fd+0x58f/0x630
[  889.820494][T13071]  do_sys_openat2+0x134/0x1d0
[  889.825163][T13071]  ? do_sys_open+0xe0/0xe0
[  889.829569][T13071]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  889.835545][T13071]  ? lock_chain_count+0x20/0x20
[  889.840398][T13071]  __x64_sys_openat+0x139/0x160
[  889.845241][T13071]  do_syscall_64+0x55/0xa0
[  889.849650][T13071]  ? clear_bhb_loop+0x40/0x90
[  889.854316][T13071]  ? clear_bhb_loop+0x40/0x90
[  889.858990][T13071]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  889.864870][T13071] RIP: 0033:0x7ff11c59bf79
[  889.869284][T13071] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  889.888967][T13071] RSP: 002b:00007ff11d4bc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  889.897378][T13071] RAX: ffffffffffffffda RBX: 00007ff11c815fa0 RCX: 00007ff11c59bf79
[  889.905342][T13071] RDX: 00000000000c4042 RSI: 0000200000000300 RDI: ffffffffffffff9c
[  889.913302][T13071] RBP: 00007ff11c6327e0 R08: 0000000000000000 R09: 0000000000000000
[  889.921266][T13071] R10: 00000000000001ff R11: 0000000000000246 R12: 0000000000000000
[  889.929226][T13071] R13: 00007ff11c816038 R14: 00007ff11c815fa0 R15: 00007fff0a4261c8
[  889.937300][T13071]  </TASK>
[  889.977090][   T27] audit: type=1800 audit(2000000045.193:43): pid=13071 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1929" name="file1" dev="loop1" ino=17058 res=0 errno=0
[  890.022348][  T967] usb 1-1: config 0 has an invalid interface number: 133 but max is 0
[  890.030821][  T967] usb 1-1: config 0 has no interface number 0
[  890.039141][  T967] usb 1-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d
[  890.049450][ T5765] ocfs2: Unmounting device (7,1) on (node local)
[  890.102183][  T967] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  890.116638][  T967] usb 1-1: Product: syz
[  890.120840][  T967] usb 1-1: Manufacturer: syz
[  890.126099][  T967] usb 1-1: SerialNumber: syz
[  890.134412][  T967] usb 1-1: config 0 descriptor??
[  890.335583][T13074] loop0: detected capacity change from 0 to 164
[  890.344374][T13074] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  890.692981][  T967] keyspan 1-1:0.133: Keyspan 1 port adapter converter detected
[  890.702335][  T967] keyspan 1-1:0.133: found no endpoint descriptor for endpoint 81
[  890.710413][  T967] keyspan 1-1:0.133: found no endpoint descriptor for endpoint 1
[  890.718428][  T967] keyspan 1-1:0.133: found no endpoint descriptor for endpoint 2
[  890.727666][  T967] usb 1-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[  890.929296][T10609] usb 1-1: USB disconnect, device number 24
[  890.952222][T10609] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[  890.963993][T10609] keyspan 1-1:0.133: device disconnected
[  895.060781][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  895.067095][ T1286] ieee802154 phy1 wpan1: encryption failed: -22